ofuxico.com.br Open in urlscan Pro
200.98.2.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ofuxico.com.br/
Effective URL:
https://ofuxico.com.br/
Submission: On February 21 via api (February 21st 2021, 1:04:19 pm UTC) from CA

Summary HTTP 453 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 50 domains to perform 453 HTTP transactions. The main IP is 200.98.2.62, located in Brazil and belongs to UOL DIVEO S.A., BR. The main domain is ofuxico.com.br.
TLS certificate: Issued by R3 on February 10th 2021. Valid for: 3 months.

This is the only time ofuxico.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 143	200.98.2.62 200.98.2.62	19089 (UOL DIVEO...) (UOL DIVEO S.A.)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2600:9000:206... 2600:9000:206f:800:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3035::ac43:9ecd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
19	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 12	35.201.69.215 35.201.69.215	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20d... 2600:9000:20d7:7000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
18	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2804:49c:3102... 2804:49c:3102:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1 5	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3 3	18.193.136.159 18.193.136.159	16509 (AMAZON-02) (AMAZON-02)
2 8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
3 9	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 5	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2 6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
9 43	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	51.89.21.21 51.89.21.21	16276 (OVH) (OVH)
2 2	54.93.115.47 54.93.115.47	16509 (AMAZON-02) (AMAZON-02)
4 4	51.77.188.248 51.77.188.248	16276 (OVH) (OVH)
1 1	172.104.64.149 172.104.64.149	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	3.121.79.35 3.121.79.35	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4 8	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
5	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1	18.156.150.124 18.156.150.124	16509 (AMAZON-02) (AMAZON-02)
1 2	185.11.128.204 185.11.128.204	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
2	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
36	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
4	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	200.147.166.107 200.147.166.107	7162 (Universo ...) (Universo Online S.A.)
453	64

143 200.98.2.62 (Brazil) 1 redirects

ASN19089 (UOL DIVEO S.A., BR)
PTR: manualdaquimica.com

ofuxico.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stc.ofuxico.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206f:800:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::ac43:9ecd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.201.69.215 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 215.69.201.35.bc.googleusercontent.com

embedsocial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20d7:7000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3102:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.136.159 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 9 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.52.19 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.21 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.115.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.77.188.248 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip248.ip-51-77-188.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.64.149 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.79.35 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.218.208.246 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.150.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

system360.inistrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.11.128.204 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-204.dataspace.pl

gde-default.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookiex.ngd.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.208 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-amt2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.147.166.107 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: static.dynad.net

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
143	ofuxico.com.br 1 redirects ofuxico.com.br stc.ofuxico.com.br	1 MB
53	googlesyndication.com 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	261 KB
47	doubleclick.net 11 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	296 KB
36	facebook.com www.facebook.com	630 KB
32	2mdn.net s0.2mdn.net	327 KB
29	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	186 KB
12	embedsocial.com 1 redirects embedsocial.com	2 MB
11	adform.net track.adform.net s1.adform.net	77 KB
11	rubiconproject.com 3 redirects pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	20 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	96 KB
9	google.com 1 redirects www.google.com adservice.google.com	799 B
8	fbcdn.net scontent-ams4-1.xx.fbcdn.net scontent-amt2-1.xx.fbcdn.net	89 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	2 KB
5	googletagservices.com www.googletagservices.com	159 KB
5	ampproject.org cdn.ampproject.org	98 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
4	dynad.net t.dynad.net s.dynad.net	55 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	gstatic.com fonts.gstatic.com	47 KB
4	google-analytics.com www.google-analytics.com	37 KB
4	pn.vg cdn.pn.vg osp-assets.pn.vg cookies.pn.vg	41 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	303 KB
3	yahoo.com 1 redirects ads.yahoo.com cookiex.ngd.yahoo.com pr-bh.ybp.yahoo.com	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	890 B
2	gemius.pl 1 redirects gde-default.hit.gemius.pl	618 B
2	360yield.com 2 redirects ice.360yield.com	1013 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	755 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	google.de www.google.de	590 B
2	facebook.net connect.facebook.net	63 KB
1	rlcdn.com id.rlcdn.com	66 B
1	mathtag.com 1 redirects sync.mathtag.com	788 B
1	inistrack.net system360.inistrack.net	687 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	360 B
1	criteo.com 1 redirects dis.criteo.com	483 B
1	emxdgt.com e1.emxdgt.com	124 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	1009 B
1	google.pl adservice.google.pl	169 B
453	50

	Domain	Requested by
92	stc.ofuxico.com.br	ofuxico.com.br
51	ofuxico.com.br	1 redirects ofuxico.com.br cdn.pn.vg
36	www.facebook.com	connect.facebook.net www.facebook.com
32	s0.2mdn.net	ofuxico.com.br s0.2mdn.net imasdk.googleapis.com
24	pagead2.googlesyndication.com	ofuxico.com.br 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net srcdoc
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net ofuxico.com.br 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com tpc.googlesyndication.com
17	cm.g.doubleclick.net	11 redirects ofuxico.com.br googleads.g.doubleclick.net
17	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net ofuxico.com.br www.googletagservices.com
12	embedsocial.com	1 redirects ofuxico.com.br embedsocial.com
10	cdn.taboola.com	ofuxico.com.br cdn.taboola.com
9	trc.taboola.com	cdn.taboola.com ofuxico.com.br
9	tm.jsuol.com.br	ofuxico.com.br tm.jsuol.com.br tm.uol.com.br
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	www.google.com	1 redirects ofuxico.com.br 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
6	track.adform.net	35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com s1.adform.net
6	googleads4.g.doubleclick.net	ofuxico.com.br
5	s1.adform.net	track.adform.net s1.adform.net 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects ofuxico.com.br googleads.g.doubleclick.net
5	pixel.rubiconproject.com	ofuxico.com.br
5	35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects cdn.taboola.com ofuxico.com.br widget.perfectmarket.com
4	scontent-amt2-1.xx.fbcdn.net
4	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	ofuxico.com.br 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects ofuxico.com.br
4	match.adsrvr.org	4 redirects
4	sync.taboola.com	2 redirects ofuxico.com.br
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	ofuxico.com.br www.google-analytics.com me.jsuol.com.br
3	ade.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	tm.uol.com.br	tm.jsuol.com.br ofuxico.com.br
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	s.dynad.net	t.dynad.net
2	b.t.tailtarget.com	tm.jsuol.com.br
2	sync-tm.everesttech.net	2 redirects
2	t.dynad.net	ofuxico.com.br
2	eus.rubiconproject.com	35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com eus.rubiconproject.com
2	gde-default.hit.gemius.pl	1 redirects 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
2	trc-events.taboola.com	ofuxico.com.br cdn.taboola.com
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	ofuxico.com.br
2	ce.lijit.com	1 redirects ofuxico.com.br
2	bh.contextweb.com	1 redirects ofuxico.com.br
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	www.google.de	ofuxico.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	ofuxico.com.br connect.facebook.net
2	cdn.pn.vg	ofuxico.com.br cdn.pn.vg
2	fonts.googleapis.com	ofuxico.com.br embedsocial.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	t.tailtarget.com
1	id.rlcdn.com
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com
1	cookiex.ngd.yahoo.com
1	ads.yahoo.com	1 redirects
1	tracker.bt.uol.com.br	ofuxico.com.br
1	system360.inistrack.net	35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
1	cds.taboola.com	ofuxico.com.br
1	bttrack.com	ofuxico.com.br
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	ofuxico.com.br
1	dsp.adkernel.com	ofuxico.com.br
1	rtb-csync.smartadserver.com	ofuxico.com.br
1	simage2.pubmatic.com	ofuxico.com.br
1	match.taboola.com	ofuxico.com.br
1	adservice.google.pl	securepubads.g.doubleclick.net
1	me.jsuol.com.br	tm.jsuol.com.br
1	cookies.pn.vg	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
453	80

This site contains links to these domains. Also see Links.

Domain
youtube.com
www.instagram.com
twitter.com
facebook.com
think4.com.br
www.ofuxico.com.br
popup.taboola.com
alerabat.com
partners.etoro.com
xtroglobal.com
instagram.com

Subject Issuer	Validity	Valid
psec04.uol.com.br R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
embedsocial.com GTS CA 1D2	`2021-01-17` - `2021-04-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-03` - `2022-02-08`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.google.pl GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
system360.inistrack.net R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-03-09`	a month	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://ofuxico.com.br/
Frame ID: B7F1C7B2D2D0650988EC23A54A349A77
Requests: 224 HTTP requests in this frame

Frame: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Frame ID: EB6019E25F5E01F541041F0344760B60
Requests: 13 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: 15A24CF328CC6F566E865373652B763D
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: B4E2A002C6DB5ABF4F4C6822A080681E
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa&tbid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&query=taboola_hm%3Da84f6002-47a2-45c3-8858-02495150abfa&isDirect=0
Frame ID: C1CF75FFD7BBCC0DF1DE83962D38DE14
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: EE883D894016258977103D23F1146DED
Requests: 13 HTTP requests in this frame

Frame: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: C4037CBCF6731AF411A820C21AD974A6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
Frame ID: 6E5F9387549CE55871C1140558E06D92
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BFE8A3F5609F08392E1992F2CB220C5A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
Frame ID: 7158289834EFF88FD23482359DEF5BB8
Requests: 13 HTTP requests in this frame

Frame: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 09209DCC259FBEDE2974FF8C02F9AAD7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
Frame ID: D3AE5577C63D099DA87002E8740D1AA7
Requests: 4 HTTP requests in this frame

Frame: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 07142145DC8D59C798DAC510F51E59F3
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
Frame ID: E7D3D2A7DE5C45267CB7C37DBC135F5F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
Frame ID: 805C2AB392D24C86ED7D912362223143
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85F7464DE0834001713E5C959A212116
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8733578000215101729/index.html
Frame ID: 415895DAE814B30C24F589584325D8C6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 018E0F013B02AC5F3F4B9325CBCB3E6D
Requests: 3 HTTP requests in this frame

Frame: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F714E6142EF32F9ED728CF183227AD7F
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
Frame ID: B6208C701A98332EDC40E87D102B327B
Requests: 11 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 0DA15A82EA350D388D65EC0608B8BCF2
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: A44639D80579B4DF9620036F6555C48B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
Frame ID: 6CE8115E5D997AEAC7279E3784BA3301
Requests: 45 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6EE3C11A6D0B6567FDEB2E44F526A495
Requests: 2 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: E093A416CAEB83FF5513C0DAFCD87C34
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: 88692729B4607F0F529B37C0B1A800E9
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_pt_br.html
Frame ID: 0AEBC02F234FA4EAA7AEE2CE11616E63
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AAC3E080BA3B41CFC64FD8A2DF4A9400
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ofuxico.com.br/ HTTP 301
https://ofuxico.com.br/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

Page Statistics

453
Requests

100 %
HTTPS

46 %
IPv6

50
Domains

80
Subdomains

64
IPs

11
Countries

6567 kB
Transfer

12674 kB
Size

5
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/ofuxico
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ofuxico.oficial/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/ofuxico_oficial
Title: Twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/Ofuxico
Title: Facebook

Search URL Search Domain Scan URL

URL: http://think4.com.br/
Title: Think4

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/perucas-laces-saiba-mais-sobre-a-tendencia-no-mundo-dos-famosos/2021/02/21-396901.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-sarah-tem-tudo-para-ser-campea-veja-os-motivos/2021/02/21-396943.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-juliette-tem-papo-reto-com-karol-sobre-camilla/2021/02/21-396998.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/erick-jacquin-revela-nao-gosto-muito-da-palavra-chef-porque-somos-todos-cozinheiros/2021/02/21-396918.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/depressao-dda-ansiedade-problemas-que-foram-revelados-em-reality-show/2021/02/21-396920.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-pocah-enquadra-karol-sobre-briga-com-camilla/2021/02/21-396999.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-pocah-e-projota-engrossam-coro-contra-karol/2021/02/21-397001.html
Title:

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ofuxico&utm_medium=referral&utm_content=thumbnails-d:Below%20Article%20Thumbnails%20-%20Home:
Title: por taboola

Search URL Search Domain Scan URL

URL: https://alerabat.com/extension/lp-campaign-1-whitev4?utm_source=Unitedapp&utm_medium=CPA&utm_campaign=AleRabat-Taboola&utm_term=Taboola&utm_content=ad&utm_source=Unitedapp&utm_medium=CPC&utm_campaign=Taboola&tblci=GiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCDJ8lIoiM_6n5KLvJMo#tblciGiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCDJ8lIoiM_6n5KLvJMo
Title: AleRabat

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=PL_HF_Desk_Blogpost_Crypto_Bitcoin40K2021_07-02-21_Taboola_AFFID_45729_&TargetURL=https://www.etoro.com/pl/news-and-analysis/etoro-updates/bitcoin-40k-2021/&utm_source=taboola&utm_medium=referral&tblci=GiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCY_Ego3fW8k9XJp0A#tblciGiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCY_Ego3fW8k9XJp0A
Title: eToro

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=PL_HF_Desk_Blogpost_Stocks_PharmaStocks_26-01-21_Taboola_AFFID_45729_&TargetURL=https://www.etoro.com/pl/news-and-analysis/etoro-updates/big-pharma-vaccine/&utm_source=taboola&utm_medium=referral&tblci=GiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCY_EgooMvBp8r64pUX#tblciGiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCY_EgooMvBp8r64pUX
Title: eToro

Search URL Search Domain Scan URL

URL: https://xtroglobal.com/r/EXlpea3Zdv-BpbNQyPviR?utm_source=650&utm_medium=13&utm_campaign=28023&utm_content=29122&utm_domain=ofuxico.com.br&utm_title=Ta+60-latka+usun%C4%99%C5%82a+wszystkie+zmarszczki+banalnym%2C+domowym+trikiem...&utm_platform=Desktop&utm_site=ofuxico&utm_campaign_id=7590587&utm_campaing_name=PL+LS.Eternelle+Day+%5BD%5D+07.12&utm_source=taboola&utm_medium=referral&tblci=GiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCp01Eo1sHl4vP1mulw#tblciGiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCCp01Eo1sHl4vP1mulw
Title: LS. Eternelle

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/filha-de-kobe-bryant-assina-com-agencia-de-gisele-bundchen/2021/02/20-396877.html
Title: Modelo Filha de Kobe Bryant assina com agência de Gisele Bündchen

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/madonna-fecha-acordo-com-a-netflix-para-documentario/2021/02/20-396878.html
Title: Netflix Madonna fecha acordo para documentário

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/eliminacao-recorde-no-bbb21-belo-preso-larissa-manoela-solteira-o-que-foi-noticia-nesta-semana/2021/02/20-396930.html
Title: Resumo Notícias que marcaram o mundo dos famosos

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/motivos-para-ver-para-todos-os-garotos-que-ja-amei-agora-e-para-sempre/2021/02/20-396907.html
Title: Para todos Motivos para ver a franquia que conquistou o mundo

Search URL Search Domain Scan URL

URL: https://instagram.com/ofuxico.oficial
Title: Instagram

Search URL Search Domain Scan URL

URL: https://think4.com.br/
Title: Think4

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-minhas-duas-opcoes-sao-pocah-e-projota-diz-sarah/2021/02/19-396865.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-pocah-e-projota-detonam-karol-conka/2021/02/20-396957.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-karol-detona-camilla-de-lucas-apos-briga/2021/02/20-396988.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-equipe-de-fiuk-diz-que-brother-esta-em-abstinencia-de-medicamentos/2021/02/14-396439.html
Title:

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/ex-namorado-de-perlla-desabafa-ela-e-muito-mentirosa/2021/02/17-396744.html

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/bbb/noticias/bbb21-jogador-de-futebol-e-escroto-diz-lumena-de-arthur/2021/02/20-396950.html

Search URL Search Domain Scan URL

URL: https://www.ofuxico.com.br/noticias-sobre-famosos/carlinhos-brown-posa-ao-lado-dos-seis-filhos-e-encanta/2021/02/18-396796.html

Search URL Search Domain Scan URL

URL: https://alerabat.com/extension/lp-campaign-1-whitev4?utm_source=Unitedapp&utm_medium=CPA&utm_campaign=AleRabat-Taboola&utm_term=Taboola&utm_content=ad&utm_source=Unitedapp&utm_medium=CPC&utm_campaign=Taboola&tblci=GiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCDJ8lIopsaRw6qXlvsD#tblciGiAf8pcZxDJPH1fQfHYVo0yEYXLaPWYfsBcAgCBj4WaSNCDJ8lIopsaRw6qXlvsD
Title: AleRabat

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ofuxico&utm_medium=referral&utm_content=blend-thumbs-feed-01-b:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ofuxico.com.br/ HTTP 301
https://ofuxico.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a HTTP 301
https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/

Request Chain 181

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=https%3A%2F%2Fofuxico.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=https%3A%2F%2Fofuxico.com.br%2F&c9=&cs_ak_ss=1

Request Chain 205

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa&tbid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&query=taboola_hm%3Da84f6002-47a2-45c3-8858-02495150abfa&isDirect=0

Request Chain 207

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=77CaAquxbvNA&ev=1&orig=trc&pid=562107

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKC3rD7XSsYaCaBB_J_XyfU&google_cver=1

Request Chain 211

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9

Request Chain 212

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e9a93081-7207-4255-a71c-4453a9636e55

Request Chain 213

https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 218

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3ca77f30-115c-42b0-ac6d-cc05dbb3915b

Request Chain 219

https://id5-sync.com/s/464/9.gif?puid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOKoZrMKRujmRLHn8HQJrAGEKpI8Yvl5SYMbZt6g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOKoZrMKRujmRLHn8HQJrAGEKpI8Yvl5SYMbZt6g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=01688cf7-d454-432a-905e-fbbdc8a426b9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELF1MEbW_0wWHNXUu7xwcE0&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELF1MEbW_0wWHNXUu7xwcE0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELF1MEbW_0wWHNXUu7xwcE0%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1165753542662815185&opid=apx&ops=&utidl=tech:goo:CAESELF1MEbW_0wWHNXUu7xwcE0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11307411827&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Request Chain 220

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B4NopF1uB-eD8SqHO1oyYA

Request Chain 223

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=7d012983-8671-4de5-a713-36fbe1779cf2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a84f6002-47a2-45c3-8858-02495150abfa&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7d012983-8671-4de5-a713-36fbe1779cf2

Request Chain 250

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1&C=1

Request Chain 266

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDJaO3KXlsVSIQPeDytQxAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

Request Chain 301

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDJaO576bSZJ8Xi7686RUwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECFvA66VqHgby3wSXRqkQX8&google_cver=1

Request Chain 320

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NTc1MzU0MjY2MjgxNTE4NQ%3D%3D

Request Chain 321

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1

Request Chain 322

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjRiNWVhMDktMjQzZi0yMDgzLWY2ZTYtNmY1MDZmMDY2NDE0

Request Chain 360

https://gde-default.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777 HTTP 301
https://gde-default.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777

Request Chain 379

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLF5WWS4-14-3PRV&sigv=1&esig=2~6c09b44baeb9c019fdd6ee1526720d5cee37b065&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU HTTP 302
https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLF5WWS4-14-3PRV&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Request Chain 380

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/baI_84B8_ndNRV_G6KOXTcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Request Chain 381

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&put=CAESEB6WalWMhmqrDS5tJSiWFmU&google_cver=1

Request Chain 382

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6ec76032-5a3d-4e00-a94b-01203d1c7ff3&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Request Chain 383

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xGNVdXUzQtMTQtM1BSVg==&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Request Chain 385

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&_test=YDJaPQAAAHaOzirK HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDJaPQAAAHaOzirK&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&_test=YDJaPQAAAHaOzirK

Request Chain 386

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e2fd882f-196b-4ef2-94b3-20f098e32f9a&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&expires=30

453 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ofuxico.com.br/
Redirect Chain

http://ofuxico.com.br/
https://ofuxico.com.br/

79 KB
13 KB

898ms
439ms

Document
text/html

200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

26795dbfb60d0b5e19ff894b7afc1fe8422bc8409775dbb4e1a920a25255c52f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ofuxico.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sun, 21 Feb 2021 13:03:51 GMT
content-type: text/html
content-length: 13372
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 21 Feb 2021 13:07:43 GMT
x-varnish: 770283462 750580381
age: 68
via: CacheUOL
x-cache: HIT
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Sun, 21 Feb 2021 13:03:50 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://ofuxico.com.br/

GET
H2 200 css
fonts.googleapis.com/ 3 KB
683 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Feb 2021 11:36:57 GMT
server: ESF
date: Sun, 21 Feb 2021 13:03:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Feb 2021 13:03:51 GMT

GET
H2 200 stylesheet.min.css
ofuxico.com.br/skin/fonts/montserrat/ 164 B
398 B 237ms
233ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/fonts/montserrat/stylesheet.min.css

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1bac0e3e4eb5e3ed97e2417f97ebfa584208a7f20b44b0f303a039090d2eeb67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:23:44 GMT
server: nginx
age: 338989
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 456666161 2818942
accept-ranges: bytes
content-length: 118
expires: Fri, 19 Mar 2021 14:54:02 GMT

GET
H2 200 jquery.jscrollpane.min.css
ofuxico.com.br/skin/css/ 909 B
680 B 236ms
233ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/css/jquery.jscrollpane.min.css

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1f739dacb5198aee81d7762699ae4763f6978230a4f6c76fb942291c0571fd76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:23:14 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 770283501 632816625
accept-ranges: bytes
content-length: 399
expires: Wed, 03 Mar 2021 14:21:11 GMT

GET
H2 200 owl.carousel.min.css
ofuxico.com.br/skin/css/ 3 KB
1 KB 442ms
439ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/css/owl.carousel.min.css

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

01420977a0175804243c64c21a3dc0c75e8cf9c5c26fe357a5a883de25dee124

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:23:08 GMT
server: nginx
age: 1723195
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 537072416 337645291
accept-ranges: bytes
content-length: 895
expires: Wed, 03 Mar 2021 14:23:56 GMT

GET
H2 200 animate.min.css
ofuxico.com.br/skin/css/ 55 KB
4 KB 237ms
234ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/css/animate.min.css

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

01eb82dd42f331969d90e15b87fb84e27b99878c34797425c44ab1dce61a51b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:22:44 GMT
server: nginx
age: 1723301
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 597865409 516427050
accept-ranges: bytes
content-length: 3981
expires: Wed, 03 Mar 2021 14:22:10 GMT

GET
H2 200 style.min.css
ofuxico.com.br/skin/css/ 62 KB
11 KB 244ms
241ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/css/style.min.css?v=3

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

85416302f7412a12dddded6856bc0c036699d2f0effbcb4081dc5f0a604c4fa7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 10 Dec 2020 13:23:00 GMT
server: nginx
age: 1723301
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 786414043 670932333
accept-ranges: bytes
content-length: 11050
expires: Wed, 03 Mar 2021 14:22:10 GMT

GET
H2 200 mobile.min.css
ofuxico.com.br/skin/css/ 22 KB
5 KB 248ms
246ms Stylesheet
text/css 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/css/mobile.min.css?v=3

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

cf9c22a59942904bd94f6a3b732fef1124e26468f55517d124135ec349f2c098

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 06 Jan 2021 21:00:38 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
via: CacheUOL
cache-control: max-age=2592000
x-varnish: 441729759 191057839
accept-ranges: bytes
content-length: 4747
expires: Wed, 03 Mar 2021 14:21:11 GMT

GET
H2 200 jquery.min.js Show response
ofuxico.com.br/js/ 90 KB
32 KB 444ms
442ms Script
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/js/jquery.min.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

11a70a94cf6c3be13956b1599acb07a6a1ef7e6275d8ce06c79cb14e39b18fe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:33:24 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
via: CacheUOL
cache-control: max-age=31536000
x-varnish: 801209930 815073450
accept-ranges: bytes
content-length: 32695
expires: Tue, 01 Feb 2022 14:21:11 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
ofuxico.com.br/js/ 4 KB
2 KB 453ms
451ms Script
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/js/jquery.mousewheel.min.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

5cb8a143faf9938c654f5268d70755f86dad8f356827bed0a1d23ba586f45dbd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 09 Dec 2016 13:26:54 GMT
server: nginx
age: 1722363
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
via: CacheUOL
cache-control: max-age=31536000
x-varnish: 460539805 515956809
accept-ranges: bytes
content-length: 1277
expires: Tue, 01 Feb 2022 14:37:48 GMT

GET
H2 200 jquery.jscrollpane.min.js Show response
ofuxico.com.br/js/ 15 KB
5 KB 453ms
451ms Script
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/js/jquery.jscrollpane.min.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

771e433e8cfc1ba183e082cbf0764d60abef7d57ed7f0743da7b73404a1303de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 28 Dec 2017 14:07:14 GMT
server: nginx
age: 338751
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
via: CacheUOL
cache-control: max-age=31536000
x-varnish: 453901505 5637241
accept-ranges: bytes
content-length: 5030
expires: Thu, 17 Feb 2022 14:58:00 GMT

GET
H2 200 owl.carousel.min.js Show response
ofuxico.com.br/js/ 39 KB
11 KB 453ms
452ms Script
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/js/owl.carousel.min.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 11 Oct 2017 14:17:34 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
via: CacheUOL
cache-control: max-age=31536000
x-varnish: 768001734 114166859
accept-ranges: bytes
content-length: 10522
expires: Tue, 01 Feb 2022 14:21:11 GMT

GET
H2 200 script.min.js Show response
ofuxico.com.br/js/ 8 KB
3 KB 465ms
464ms Script
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/js/script.min.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4e073dd0b33d9ad25f6fb171e72b24a69d39b8affbe17b44abb0fc5aeb44bd5e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 03 Sep 2020 23:09:15 GMT
server: nginx
age: 1723163
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
via: CacheUOL
cache-control: max-age=31536000
x-varnish: 600351028 1031049267
accept-ranges: bytes
content-length: 2379
expires: Tue, 01 Feb 2022 14:24:28 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 129 KB
28 KB 241ms
9ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 04b5ba69df7b48d8349fa143003940b5667598bc49c7cf131ac479d0e337aa2d

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:15 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 18:43:53 GMT
server: marrakesh 1.16.6
age: 997
etag: b48ee613a15ee93b9dc587831f381f65
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
content-length: 28500
x-amz-cf-id: bQ7N4TK0y_TqAWiuqgwNgy-60MXbbmTitZ1Y2EA_143ypAQlg-rBJQ==
expires: Sun, 21 Feb 2021 13:47:15 GMT

GET
H2 200 b27ebdda-2849-404f-9415-caf643b936ad.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 47ms
14ms Script
text/javascript 2606:4700:3035::ac43:9ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/b27ebdda-2849-404f-9415-caf643b936ad.js
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e996bf803f95f20c5922dfe391971a3030712956355e534de07e3b7ffe6c99

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: 1.1 2afd697fc5d0058ea30d6c4b939e714d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 602
x-cache: Hit from cloudfront
content-encoding: br
cf-request-id: 086649838100004ec7d3997000000001
last-modified: Tue, 06 Oct 2020 08:23:57 GMT
server: cloudflare
etag: W/"a189a072c2c3f3099772a794896b8bec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xPux1NGS0Eufxy3T9WBA9StlT%2BvIF0XrIny79P1ZH0NR4%2FbQB7vDuGUwpdq0LdQYob6Oz5p91LCOPXENnoESs%2F7Qgy5s0Y9w%2B3x2rCTa3d5Ot3VHt28%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: OSL50-C1
cf-ray: 6250ab7f3c2a4ec7-FRA
x-amz-cf-id: 1ICzm4a-TTzIeVQM2AHZ5DX0EtVsUbnznPfZaafyM_i3-hKzdKW3jw==

GET
H2 200 ofuxico-20anos.png
ofuxico.com.br/skin/img/ 28 KB
28 KB 255ms
236ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ofuxico-20anos.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

dae614ef894f0918f6333e52adf3b278a0fdcaa5c973f74244e236b7d84a77b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Wed, 30 Sep 2020 03:06:25 GMT
server: nginx
age: 339071
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 459808274 5243020
accept-ranges: bytes
content-length: 28299
expires: Fri, 19 Mar 2021 14:52:41 GMT

GET
H2 200 ico-ofuxico.png
ofuxico.com.br/skin/img/ 2 KB
2 KB 252ms
233ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-ofuxico.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

b1f6f22b5ef3af4359b0b3bff87cf72327d9e1ee48ae9f0b605c211116ff89e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:46 GMT
server: nginx
age: 1723342
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 295906015 689450252
accept-ranges: bytes
content-length: 1574
expires: Wed, 03 Mar 2021 14:21:29 GMT

GET
H2 200 caio-conversa-com-psicologa-apos-surto-no-almoco-do-anjo_396475_36_397013_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 262ms
243ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/caio-conversa-com-psicologa-apos-surto-no-almoco-do-anjo_396475_36_397013_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

dd3a27037d1fbe26c1b928fa186ff46b56532943f18e1434898169518a0ba4c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:57:04 GMT
server: nginx
age: 204
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459656302 401202080
accept-ranges: bytes
content-length: 1671
expires: Tue, 23 Mar 2021 13:00:27 GMT

GET
H2 200 viih-tube-chegando-ao-confessionario-para-ser-atendida_397011_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 260ms
240ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/viih-tube-chegando-ao-confessionario-para-ser-atendida_397011_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f2292ba78d159dfd68f04afe20349f461ebe2b848d99ea4884bf3b1d010a437b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:47:18 GMT
server: nginx
age: 227
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 596859791 594539437
accept-ranges: bytes
content-length: 1586
expires: Tue, 23 Mar 2021 13:00:04 GMT

GET
H2 200 andressa-urach-mostrando-perna-tatuada_397009_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 264ms
245ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/andressa-urach-mostrando-perna-tatuada_397009_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

a55a157931b320c514e7c6231ec0d047868a742a643128b959ad32bd353216c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:35:12 GMT
server: nginx
age: 1122
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459808276 460128704
accept-ranges: bytes
content-length: 1834
expires: Tue, 23 Mar 2021 12:45:09 GMT

GET
H2 200 sarah-com-joao-e-carla_397007_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 1 KB
2 KB 259ms
240ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/sarah-com-joao-e-carla_397007_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f0486aac80f446bd8f22fe8623568a47f7a78c5592295c7a391a49d84e7935f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:22:18 GMT
server: nginx
age: 2025
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 788371602 783768502
accept-ranges: bytes
content-length: 1414
expires: Tue, 23 Mar 2021 12:30:06 GMT

GET
H2 200 sarah-e-juliette_397005_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 263ms
244ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/sarah-e-juliette_397005_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

46cd86088be0377b1b66043dd94e7ffd54ec0b5b137f571804583b41407bfb15

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:14:14 GMT
server: nginx
age: 2922
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 196295821 372307178
accept-ranges: bytes
content-length: 1577
expires: Tue, 23 Mar 2021 12:15:09 GMT

GET
H2 200 casamento-lorena-improta-leo-santana_397004_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 262ms
243ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/casamento-lorena-improta-leo-santana_397004_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

0534199a043ec608a67560ef3a9bf04b08d9c0bc12bb551d597ef53c842f18cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:58:19 GMT
server: nginx
age: 3808
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 802382616 805766275
accept-ranges: bytes
content-length: 1891
expires: Tue, 23 Mar 2021 12:00:23 GMT

GET
H2 200 boca-rosa-e-fred-juntinhos_397003_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 398ms
396ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/boca-rosa-e-fred-juntinhos_397003_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d008d35685161b1269f1127535c40c992216b77db50b83b39de20b82962c0f8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:49:39 GMT
server: nginx
age: 3826
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 295906020 766063262
accept-ranges: bytes
content-length: 1718
expires: Tue, 23 Mar 2021 12:00:05 GMT

GET
H2 200 leifert-no-bbb21_397002_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 2 KB
2 KB 234ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/leifert-no-bbb21_397002_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

a128270547b516ee0bf212c2d071200c1f0ad53b2fcc720bcae429588c89c124

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:34:54 GMT
server: nginx
age: 4728
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 788988203 783431601
accept-ranges: bytes
content-length: 2104
expires: Tue, 23 Mar 2021 11:45:04 GMT

GET
H2 200 sarah-segurando-e-apontado-para-cartaz-com-coroa-do-lider_396943_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 2 KB
2 KB 398ms
395ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/sarah-segurando-e-apontado-para-cartaz-com-coroa-do-lider_396943_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

a9c5fe5ad811584a80899a7f489257476ff32d809a712601439c01aba51958a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 23:15:41 GMT
server: nginx
age: 8320
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 453931638 451012537
accept-ranges: bytes
content-length: 1714
expires: Tue, 23 Mar 2021 10:45:11 GMT

GET
H2 200 fiuk-tdah_396937_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 2 KB
2 KB 399ms
397ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/fiuk-tdah_396937_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f809f9b0ad51b5d62f752e31a41ad4b8d23f7b9334f40bf7958eb2b15bdc0504

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 22:23:35 GMT
server: nginx
age: 9224
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 532442251 563525707
accept-ranges: bytes
content-length: 1551
expires: Tue, 23 Mar 2021 10:30:08 GMT

GET
H2 200 perucas-lace-ana-maria-braga-e-luiz-crispim_396901_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 2 KB
2 KB 400ms
398ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/perucas-lace-ana-maria-braga-e-luiz-crispim_396901_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f2026f7046f204c89714d70a88030164b1143c06d9f165ce72d093b0eb31cbe1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:07:15 GMT
server: nginx
age: 10125
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 439965515 391245081
accept-ranges: bytes
content-length: 1853
expires: Tue, 23 Mar 2021 10:15:07 GMT

GET
H2 200 erick-jacquin-de-avental_396918_36_thumb_4.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 2 KB
2 KB 397ms
395ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/erick-jacquin-de-avental_396918_36_thumb_4.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

354d40d32e69ddb6a1d76fc2bb135e2a2ae54f88983287a6001b4bad71865647

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 19:21:46 GMT
server: nginx
age: 10123
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 803530705 801683280
accept-ranges: bytes
content-length: 1912
expires: Tue, 23 Mar 2021 10:15:09 GMT

GET
H2 200 10_51740_1109_thumb_37785.jpg
stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/ 28 KB
28 KB 398ms
396ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/10_51740_1109_thumb_37785.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

66ccbea6ed7166114e759e14cfd32f946301775a152e074d18e95d3bf58a1e23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:20:07 GMT
server: nginx
age: 6165
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 440068609 441615071
accept-ranges: bytes
content-length: 28778
expires: Tue, 23 Mar 2021 11:21:06 GMT

GET
H2 200 20_51741_1109_thumb_37785.jpg
stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/ 40 KB
40 KB 400ms
398ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/20_51741_1109_thumb_37785.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

bfa5f6923b0b2e8f62cb090902d4047b6e94eb8e3800b5de7d0d54386ff2d070

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:21:40 GMT
server: nginx
age: 6094
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 803887173 803904182
accept-ranges: bytes
content-length: 40661
expires: Tue, 23 Mar 2021 11:22:17 GMT

GET
H2 200 30_51742_1109_thumb_37785.jpg
stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/ 32 KB
32 KB 233ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/30_51742_1109_thumb_37785.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

736ba4d82138ce7fa1aa4e278bb2b36ea104a287bf10af9f11f521487f74d410

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:22:48 GMT
server: nginx
age: 6037
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 537072424 531317199
accept-ranges: bytes
content-length: 32414
expires: Tue, 23 Mar 2021 11:23:15 GMT

GET
H2 200 40_51743_1109_thumb_37785.jpg
stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/ 46 KB
46 KB 233ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/40_51743_1109_thumb_37785.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

cb9ce0adb5d29907315af3769e933e263ccb245bfb6f65c19847e7bc1c17a2b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:24:02 GMT
server: nginx
age: 5972
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 600969608 596943713
accept-ranges: bytes
content-length: 46667
expires: Tue, 23 Mar 2021 11:24:20 GMT

GET
H2 200 50_51744_1109_thumb_37785.jpg
stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/ 22 KB
23 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_carrossel/2021/02/21/50_51744_1109_thumb_37785.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

6c6c9da3267c9732d86c810eee43bf8f9ee16ebc80b713c136265ccd13e536b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:25:59 GMT
server: nginx
age: 5856
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 441917367 434919860
accept-ranges: bytes
content-length: 22823
expires: Tue, 23 Mar 2021 11:26:16 GMT

GET
H2 200 secundario2_141493_1093_thumb_37782.jpg
stc.ofuxico.com.br/img/upload/destaque_secundario/2021/02/21/ 5 KB
5 KB 397ms
394ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_secundario/2021/02/21/secundario2_141493_1093_thumb_37782.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

38dbd732eeda57b1f2a56705130c839a7e06f276692e8898f037682feb762035

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:18:22 GMT
server: nginx
age: 6294
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 601132767 592799949
accept-ranges: bytes
content-length: 5349
expires: Tue, 23 Mar 2021 11:18:57 GMT

GET
H2 200 secundario1_141492_1093_thumb_37782.jpg
stc.ofuxico.com.br/img/upload/destaque_secundario/2021/02/21/ 4 KB
4 KB 395ms
393ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_secundario/2021/02/21/secundario1_141492_1093_thumb_37782.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

76cccf3fc40e7135dfac13135d69b1419d3d422622724d2e79c4d21639338f38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:17:11 GMT
server: nginx
age: 6340
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 533587812 530312025
accept-ranges: bytes
content-length: 3937
expires: Tue, 23 Mar 2021 11:18:11 GMT

GET
H2 200 redondo1_3559_1100_thumb_37783.jpg
stc.ofuxico.com.br/img/upload/destaque_redondo/2021/02/21/ 4 KB
4 KB 395ms
393ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_redondo/2021/02/21/redondo1_3559_1100_thumb_37783.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ede30e2eb3f4ae23af213841bb7952cf967b45fa1b8744ed3edb07e4355112ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:36:57 GMT
server: nginx
age: 5205
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 457435456 457976365
accept-ranges: bytes
content-length: 3861
expires: Tue, 23 Mar 2021 11:37:06 GMT

GET
H2 200 caio-sofre-novo-tombo-destaque_136685_1086_thumb_37780.jpg
stc.ofuxico.com.br/img/upload/destaque_principal/2021/02/21/ 10 KB
10 KB 234ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/destaque_principal/2021/02/21/caio-sofre-novo-tombo-destaque_136685_1086_thumb_37780.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

32f151abcb09349d8f3184f7d58dd81dea533ab1c6f8e0284678d95c448009aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 04:45:03 GMT
server: nginx
age: 29795
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 766076306 761991333
accept-ranges: bytes
content-length: 9765
expires: Tue, 23 Mar 2021 04:47:16 GMT

GET
H2 200 6_2427_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 27 KB
27 KB 379ms
378ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/6_2427_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

421b4b718ea28fc78f4e05ca4f8c9da0ae903f745d7e7ce023b167f240f35fff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:37:48 GMT
server: nginx
age: 36221
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 600059048 587757443
accept-ranges: bytes
content-length: 27381
expires: Tue, 23 Mar 2021 03:00:11 GMT

GET
H2 200 5_1611_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 24 KB
24 KB 382ms
381ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/5_1611_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

44f702c12d937b18a6b2a9d7b458fc52ae9f7ef8f0953364f4890afef50c6d36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:36:06 GMT
server: nginx
age: 36165
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 537985503 524105544
accept-ranges: bytes
content-length: 24548
expires: Tue, 23 Mar 2021 03:01:06 GMT

GET
H2 200 3_659_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 36 KB
37 KB 381ms
380ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/3_659_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ae33e36171bc1a9aa4987fa814b70839760ae22d3d9622c0c820cfa245dfe4bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:34:01 GMT
server: nginx
age: 36112
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 783053052 776492048
accept-ranges: bytes
content-length: 37288
expires: Tue, 23 Mar 2021 03:02:00 GMT

GET
H2 200 4_1367_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 28 KB
28 KB 229ms
229ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/4_1367_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d92b8b93d130ce7a5985fb53086b748d83822cc675ef70af6a0d6bc2adb6fb36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:35:18 GMT
server: nginx
age: 36213
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 806724819 797193269
accept-ranges: bytes
content-length: 28864
expires: Tue, 23 Mar 2021 03:00:19 GMT

GET
H2 200 2_660_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 29 KB
29 KB 233ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/2_660_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

2e4f361fdb026c533b9b9c0531664c549311115d6ce5a07f47c898dc6d2d849c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:32:56 GMT
server: nginx
age: 36166
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459578545 449683696
accept-ranges: bytes
content-length: 29884
expires: Tue, 23 Mar 2021 03:01:06 GMT

GET
H2 200 1_657_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/ 23 KB
23 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/02/21/1_657_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

9211661c792630e5849c7e52d1339af7443eadce3e368f53b1a5399b0f2011b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Tue, 21 Feb 2017 11:31:59 GMT
server: nginx
age: 36221
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 768913606 750080512
accept-ranges: bytes
content-length: 23622
expires: Tue, 23 Mar 2021 03:00:11 GMT

GET
H2 200 sophie-turner_2786_251_thumb_37795.jpg
stc.ofuxico.com.br/img/upload/celebridade/2020/05/15/ 4 KB
4 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2020/05/15/sophie-turner_2786_251_thumb_37795.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d248fce2ebb3a1129a2ae8a8f69c75ea2283a49fb5e6f8eaf2904d7585a10109

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Sat, 16 May 2020 00:56:47 GMT
server: nginx
age: 36219
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 460067055 446820396
accept-ranges: bytes
content-length: 3793
expires: Tue, 23 Mar 2021 03:00:13 GMT

GET
H2 200 nadi-genesis_18924_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
7 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/nadi-genesis_18924_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

c50e2ce6b368dceffa58437e184d0e15eff0f37ddf633791aed42d1014b44b9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:36:08 GMT
server: nginx
age: 34175
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 768364221 753631176
accept-ranges: bytes
content-length: 6932
expires: Tue, 23 Mar 2021 03:34:17 GMT

GET
H2 200 kissare-genesis_18925_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 11 KB
11 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/kissare-genesis_18925_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

279cc8aacef41bc8a3d8fbe7d22bb728653a6f56d66e218ebbd66a6f5ca05441

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:38:38 GMT
server: nginx
age: 34249
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 533653650 520844951
accept-ranges: bytes
content-length: 10752
expires: Tue, 23 Mar 2021 03:33:03 GMT

GET
H2 200 morabi-genesis_18926_76_thumb_37774.jpeg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 8 KB
8 KB 231ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/morabi-genesis_18926_76_thumb_37774.jpeg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

b24e2c45da540fe529b5cc6d049da0d7f2dabfeadc165d68b1b3ed28649ff713

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:42:59 GMT
server: nginx
age: 33708
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 444268554 38733142
accept-ranges: bytes
content-length: 8299
expires: Tue, 23 Mar 2021 03:42:04 GMT

GET
H2 200 danina-genesis_18927_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 9 KB
10 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/danina-genesis_18927_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

6e72ea545abbdbfb27fd39d1843bc7fce97e359b27f95bb9b22ef54f1c2e84b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:45:29 GMT
server: nginx
age: 33758
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 807146188 798630739
accept-ranges: bytes
content-length: 9561
expires: Tue, 23 Mar 2021 03:41:14 GMT

GET
H2 200 hara-genesis_18928_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 5 KB
5 KB 232ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/hara-genesis_18928_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

5eba5e9592f73b7fdc4f0ab5ed80846a2a5f30fba5a2ca3d3c13a5fe2c0108bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:48:36 GMT
server: nginx
age: 33707
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 462719708 450620922
accept-ranges: bytes
content-length: 4840
expires: Tue, 23 Mar 2021 03:42:05 GMT

GET
H2 200 quirino-nicole-beijo_18897_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
8 KB 233ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/quirino-nicole-beijo_18897_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

fcb61bde3081522669de6e33879f46e821595db94961ead57722ba55d1a1908a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:43:26 GMT
server: nginx
age: 35686
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 767344435 759155240
accept-ranges: bytes
content-length: 7672
expires: Tue, 23 Mar 2021 03:09:06 GMT

GET
H2 200 dionisio-algemado_18898_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 11 KB
11 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/dionisio-algemado_18898_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

5bb126590c1302a68219017c48638d013e2b07f11cd1f26eb89061f7756cc7be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:46:54 GMT
server: nginx
age: 35561
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 535770834 528354349
accept-ranges: bytes
content-length: 11455
expires: Tue, 23 Mar 2021 03:11:12 GMT

GET
H2 200 quirino-flor-caribe_18899_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 8 KB
8 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/quirino-flor-caribe_18899_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

aa1ef3e059b0eb9271479c468f33288388cfb75c05e24b0b2833c874aee49ca0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:51:25 GMT
server: nginx
age: 35688
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 597841257 590031019
accept-ranges: bytes
content-length: 7716
expires: Tue, 23 Mar 2021 03:09:04 GMT

GET
H2 200 pedro-chora-colo-cica-sofa-lacos-familia_18913_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 8 KB
9 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/pedro-chora-colo-cica-sofa-lacos-familia_18913_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e1cd1dd59b3c716a09386be7adb007469b1358d9fa7b890eb434dc438340c12e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:51:22 GMT
server: nginx
age: 34739
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 784881477 776466451
accept-ranges: bytes
content-length: 8600
expires: Tue, 23 Mar 2021 03:24:54 GMT

GET
H2 200 helena-lacos-familia-saudade-miguel_18914_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 6 KB
7 KB 233ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/helena-lacos-familia-saudade-miguel_18914_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d279e228115ac5f5b52fe90dcb85478b70f9f94250c8859365a9a5c24c809094

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:55:57 GMT
server: nginx
age: 34728
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 442609660 433341839
accept-ranges: bytes
content-length: 6627
expires: Tue, 23 Mar 2021 03:25:05 GMT

GET
H2 200 camila-hospital-lacos-familia_18915_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 10 KB
11 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/camila-hospital-lacos-familia_18915_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

cd5dfa72330b9cecf543d271bb15a0f5b805e7ed4922eacf90b7cd2aa5c3d871

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:58:45 GMT
server: nginx
age: 34722
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 804507961 797389413
accept-ranges: bytes
content-length: 10699
expires: Tue, 23 Mar 2021 03:25:10 GMT

GET
H2 200 pedro-camisa-verde-lacos-familia_18916_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 8 KB
8 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/pedro-camisa-verde-lacos-familia_18916_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

0e5b2921b0483216346b015d55f58e78252841cffe1fed66171e5d3b39b87cc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:02:58 GMT
server: nginx
age: 34739
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 807830643 796998926
accept-ranges: bytes
content-length: 8207
expires: Tue, 23 Mar 2021 03:24:54 GMT

GET
H2 200 irir-le-carta-blusa-branca-sentada-cama_18917_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
7 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/irir-le-carta-blusa-branca-sentada-cama_18917_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

233b2d79224e81e21a76130cfdda5ad323ef9c3d1b1fdfa1c2f5465b054a82e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 18:06:34 GMT
server: nginx
age: 34727
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 461875738 452961051
accept-ranges: bytes
content-length: 7015
expires: Tue, 23 Mar 2021 03:25:05 GMT

GET
H2 200 duca-karina-malhacao_18892_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
8 KB 231ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/duca-karina-malhacao_18892_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

9c594ae44df5508149642ffa7f0e9de94638eca56f1140fe223d4d6647716bb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:18:02 GMT
server: nginx
age: 35677
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459578572 444516331
accept-ranges: bytes
content-length: 7643
expires: Tue, 23 Mar 2021 03:09:16 GMT

GET
H2 200 bianca-duda-conversa-malhacao_18893_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 9 KB
9 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/bianca-duda-conversa-malhacao_18893_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4d672cc24359d571abf8dcc5119abdc142d32039be9db93cf509f3d1551f1a5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:24:20 GMT
server: nginx
age: 35607
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 767707557 758570046
accept-ranges: bytes
content-length: 8997
expires: Tue, 23 Mar 2021 03:10:25 GMT

GET
H2 200 gael-malhacao_18894_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 12 KB
12 KB 237ms
237ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/gael-malhacao_18894_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ed83826a35db57699b69f3a7cf9216396dd279d10671d24df8cddd18deb7d9e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:28:12 GMT
server: nginx
age: 35688
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 535770862 528582158
accept-ranges: bytes
content-length: 12316
expires: Tue, 23 Mar 2021 03:09:04 GMT

GET
H2 200 cobra-wallace_18895_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 5 KB
6 KB 237ms
236ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/cobra-wallace_18895_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ceb49c32809338bb4ac8a28ef6f6450ff7fc165cda5245c79b70d1b46e768317

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:33:47 GMT
server: nginx
age: 35607
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 598459731 585844232
accept-ranges: bytes
content-length: 5551
expires: Tue, 23 Mar 2021 03:10:25 GMT

GET
H2 200 sol-malhacao_18896_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 10 KB
10 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/sol-malhacao_18896_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f174546b5275c04ef70ff98c058881464971de76cc7bc54bf174c04c28feacf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:37:12 GMT
server: nginx
age: 35689
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 461091006 452438253
accept-ranges: bytes
content-length: 10249
expires: Tue, 23 Mar 2021 03:09:04 GMT

GET
H2 200 silvana-ameacada-a-forca-do-querer_18907_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 5 KB
6 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/silvana-ameacada-a-forca-do-querer_18907_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

90ce058f239bc560e5a3bf80cc4189e54133f4af922b43a42d14b7e8afaf105f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:24:22 GMT
server: nginx
age: 35202
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 453931660 450565504
accept-ranges: bytes
content-length: 5507
expires: Tue, 23 Mar 2021 03:17:11 GMT

GET
H2 200 cibele-a-forca-do-querer_18908_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
7 KB 235ms
234ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/cibele-a-forca-do-querer_18908_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

5f85ef7b04765a28b55eeaa3cb6132748c39ef3d0c33d2c9e8ab9b335c710e31

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:30:35 GMT
server: nginx
age: 35086
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 765149234 757135127
accept-ranges: bytes
content-length: 6681
expires: Tue, 23 Mar 2021 03:19:07 GMT

GET
H2 200 bibi-a-forca-querer_18909_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 6 KB
7 KB 235ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/bibi-a-forca-querer_18909_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1ea130b8bcae68a3ab8d8d18950a238d07add9d4978f73801e7b5892ecb8a860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:35:31 GMT
server: nginx
age: 34726
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 323938136 529139242
accept-ranges: bytes
content-length: 6509
expires: Tue, 23 Mar 2021 03:25:07 GMT

GET
H2 200 ritinha-enfrenta-joyce_18910_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 9 KB
9 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ritinha-enfrenta-joyce_18910_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ad0f178353b2a2459c85ae633ece2ca2894fbcc9877ee2bb0e299882f3327c76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:39:42 GMT
server: nginx
age: 34686
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 597841279 589905960
accept-ranges: bytes
content-length: 9341
expires: Tue, 23 Mar 2021 03:25:47 GMT

GET
H2 200 rubinho-preso-a-forca-querer_18911_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 11 KB
11 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/rubinho-preso-a-forca-querer_18911_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

771b05dd40957515c7fa9ce2215997d175a66aa7fa3cb1dac3403563e3a8b2b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:42:45 GMT
server: nginx
age: 34678
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 785960529 778122274
accept-ranges: bytes
content-length: 10959
expires: Tue, 23 Mar 2021 03:25:55 GMT

GET
H2 200 ivan-perde-bebe-hospital_18912_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
7 KB 248ms
247ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ivan-perde-bebe-hospital_18912_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

75fbf308d9e8d55ad9a4cc100d61a4b69c50f9fe22193a944d8da7690f145feb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:47:06 GMT
server: nginx
age: 34726
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 786057505 778250927
accept-ranges: bytes
content-length: 7155
expires: Tue, 23 Mar 2021 03:25:07 GMT

GET
H2 200 jessica-shirlei_18900_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 7 KB
7 KB 248ms
247ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/jessica-shirlei_18900_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4af08a523ab94ee2060496be90ebdb9938c20705055674e202c08afd1dbb0ac0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:54:55 GMT
server: nginx
age: 35689
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 284807672 434608105
accept-ranges: bytes
content-length: 7170
expires: Tue, 23 Mar 2021 03:09:04 GMT

GET
H2 200 fedora-leozinho-carro-fogem_18901_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 5 KB
5 KB 247ms
247ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/fedora-leozinho-carro-fogem_18901_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

aa25ea0c4fba51600428c0799bd192848209633d14f98f5fd2288fff967ca38b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:58:23 GMT
server: nginx
age: 35200
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 801209963 794484292
accept-ranges: bytes
content-length: 4922
expires: Tue, 23 Mar 2021 03:17:13 GMT

GET
H2 200 shirlei-medo_18902_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 4 KB
5 KB 248ms
248ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/shirlei-medo_18902_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

de64c0461a696b282568fb287f889183e0adf629d05ceda7302cab249b3f99de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:04:39 GMT
server: nginx
age: 35204
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 458444328 451263144
accept-ranges: bytes
content-length: 4580
expires: Tue, 23 Mar 2021 03:17:09 GMT

GET
H2 200 tancinha-malha-danca-haja-coracao_18903_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 10 KB
10 KB 252ms
251ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/tancinha-malha-danca-haja-coracao_18903_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

7f118c61473166b5046d8d29c4601d335755e4db5c0d9e6c5cfeddc7030d11ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:11:56 GMT
server: nginx
age: 35198
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 454387647 451088122
accept-ranges: bytes
content-length: 10043
expires: Tue, 23 Mar 2021 03:17:15 GMT

GET
H2 200 aparicio-teodora_18904_76_thumb_37774.jpg
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 9 KB
9 KB 253ms
252ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/aparicio-teodora_18904_76_thumb_37774.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

a1b4d1d003454e84ab44b3c1a4f072c8d73e34f48cc8a137170c567fe672650a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 17:14:39 GMT
server: nginx
age: 35208
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 767609553 760127959
accept-ranges: bytes
content-length: 8989
expires: Tue, 23 Mar 2021 03:17:05 GMT

GET
H2 404 rebeca-aparicio_18905_76_thumb_37774.webp
stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/ 0
0 238ms
236ms Image
text/html 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stc.ofuxico.com.br/img/upload/novelas_interna/2021/02/19/rebeca-aparicio_18905_76_thumb_37774.webp
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),
Reverse DNS: manualdaquimica.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 caio-conversa-com-psicologa-apos-surto-no-almoco-do-anjo_396475_36_397013_36_thumb_37789.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 11 KB
11 KB 236ms
235ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/caio-conversa-com-psicologa-apos-surto-no-almoco-do-anjo_396475_36_397013_36_thumb_37789.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

85960a2431074b15081ab5b3278b0986ce29f45ef741964baf7e88f95185d9b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:57:05 GMT
server: nginx
age: 223
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 768001759 769988925
accept-ranges: bytes
content-length: 10942
expires: Tue, 23 Mar 2021 13:00:10 GMT

GET
H2 200 viih-tube-chegando-ao-confessionario-para-ser-atendida_397011_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 6 KB
6 KB 236ms
235ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/viih-tube-chegando-ao-confessionario-para-ser-atendida_397011_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

333870d634fecad63442b60d0e1c2ae3531f3579fea1f675d1e80b3ad9fca38b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:47:18 GMT
server: nginx
age: 223
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 532478916 536875982
accept-ranges: bytes
content-length: 5753
expires: Tue, 23 Mar 2021 13:00:11 GMT

GET
H2 200 andressa-urach-mostrando-perna-tatuada_397009_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 7 KB
8 KB 236ms
236ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/andressa-urach-mostrando-perna-tatuada_397009_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4321535d5473d88502014d3df45f36e2207cdc4471b42da9d9543c88d210e39c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:35:12 GMT
server: nginx
age: 942
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 598720285 595813791
accept-ranges: bytes
content-length: 7505
expires: Tue, 23 Mar 2021 12:48:12 GMT

GET
H2 200 redondo2_4202_1118_thumb_37787.jpg
stc.ofuxico.com.br/img/upload/em_destaque_redondo/2021/02/20/ 4 KB
4 KB 241ms
240ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/em_destaque_redondo/2021/02/20/redondo2_4202_1118_thumb_37787.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

feefb4ccbef7d5535599e69721a6b237e31db513991ccd32ec672958145d3185

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sat, 20 Feb 2021 12:35:20 GMT
server: nginx
age: 88054
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 786808309 748961650
accept-ranges: bytes
content-length: 3918
expires: Mon, 22 Mar 2021 12:36:19 GMT

GET
H2 200 redondo1_4201_1118_thumb_37787.jpg
stc.ofuxico.com.br/img/upload/em_destaque_redondo/2021/02/20/ 4 KB
4 KB 239ms
239ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/em_destaque_redondo/2021/02/20/redondo1_4201_1118_thumb_37787.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

13690fa507f2e309fd69c4e9ba81b0424eaf4b8651a4e10b50086df8729ef3a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sat, 20 Feb 2021 12:34:07 GMT
server: nginx
age: 88118
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 440749551 402339326
accept-ranges: bytes
content-length: 4210
expires: Mon, 22 Mar 2021 12:35:15 GMT

GET
H2 200 prova-do-lider-sarah-campea_13208_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/19/ 52 KB
53 KB 232ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/19/prova-do-lider-sarah-campea_13208_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4a45954282bf4a3ea6bf2ca541cded79d07a010ec75a02336ceb9857b481694e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 05:36:35 GMT
server: nginx
age: 199409
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 620067520 711430379
accept-ranges: bytes
content-length: 53520
expires: Sun, 21 Mar 2021 05:40:25 GMT

GET
H2 200 fotos-da-mansa-o-de-mayra-cardi_13206_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/17/ 51 KB
51 KB 235ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/17/fotos-da-mansa-o-de-mayra-cardi_13206_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

737b003b9e4cdc9ee4649f9dd2d76dae0ef18b93fcc9b6ff6049d4ecc1cd1c00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Wed, 17 Feb 2021 23:13:02 GMT
server: nginx
age: 308443
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 461091025 165278043
accept-ranges: bytes
content-length: 51862
expires: Fri, 19 Mar 2021 23:23:10 GMT

GET
H2 200 festa-da-karol-conka-no-bbb21-c_13207_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/18/ 34 KB
34 KB 235ms
234ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/18/festa-da-karol-conka-no-bbb21-c_13207_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

6cd6e79bcc9d139cafc60026063f5dc2665e4575a554ab0b3423a87c2e35df9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Thu, 18 Feb 2021 09:10:15 GMT
server: nginx
age: 272806
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 453901623 78691434
accept-ranges: bytes
content-length: 34515
expires: Sat, 20 Mar 2021 09:17:07 GMT

GET
H2 200 capa-galeria_13205_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/12/ 45 KB
45 KB 234ms
234ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/12/capa-galeria_13205_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

0f67c6beab8d4bb8fb6d705e572e61bf5c45210bf27495643167972a5c44a21d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Fri, 12 Feb 2021 06:25:28 GMT
server: nginx
age: 800974
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 770378866 96837607
accept-ranges: bytes
content-length: 45713
expires: Sun, 14 Mar 2021 06:34:19 GMT

GET
H2 200 ana-hickmann-alezinho-quarto_13204_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/11/ 75 KB
75 KB 233ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/11/ana-hickmann-alezinho-quarto_13204_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

10fe8251d0a3f093e35e4508ab0a8b07e04c4546742c749dcf0126e09d2e8925

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Thu, 11 Feb 2021 15:36:46 GMT
server: nginx
age: 854618
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 599634257 983696708
accept-ranges: bytes
content-length: 76589
expires: Sat, 13 Mar 2021 15:40:15 GMT

GET
H2 200 munik-nunes-stefani-bays-kerline-e-giovanna-chaves-em-restaurante_13203_185.jpg
stc.ofuxico.com.br/img/upload/galerias/2021/02/10/ 84 KB
84 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/galerias/2021/02/10/munik-nunes-stefani-bays-kerline-e-giovanna-chaves-em-restaurante_13203_185.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

cbded92263d1f88b8c9f2e838ff9d7ea59a77c109ab4ccf93d9e9088c558476e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Wed, 10 Feb 2021 19:44:40 GMT
server: nginx
age: 854570
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 787752143 137337763
accept-ranges: bytes
content-length: 85854
expires: Sat, 13 Mar 2021 15:41:04 GMT

GET
H2 200 paolla-1_1716_251_thumb_37805.jpg
stc.ofuxico.com.br/img/upload/celebridade/2016/11/21/ 19 KB
20 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2016/11/21/paolla-1_1716_251_thumb_37805.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

a7ad5bdeced7c3aaced28a25e2728cd72670ec680e8f28ee307326c5d5637657

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Mon, 21 Nov 2016 16:10:16 GMT
server: nginx
age: 339093
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 457195412 4194441
accept-ranges: bytes
content-length: 19849
expires: Fri, 19 Mar 2021 14:52:21 GMT

GET
H2 200 1_753_251_thumb_37806.jpg
stc.ofuxico.com.br/img/upload/celebridade/2016/11/15/ 9 KB
9 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2016/11/15/1_753_251_thumb_37806.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f121d0424f09f3da47b8c24dd2f31b641158181dc570348087693b6d79df47d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Tue, 15 Nov 2016 14:29:33 GMT
server: nginx
age: 1723242
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 765322219 615934512
accept-ranges: bytes
content-length: 8719
expires: Wed, 03 Mar 2021 14:23:11 GMT

GET
H2 200 33_759_251_thumb_37806.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/03/27/ 10 KB
10 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/03/27/33_759_251_thumb_37806.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

ef690c62ca9eebfac7642d9e8c8fd17bdf4413f4a61d2cc0b7d74bd0fb061381

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Mon, 27 Mar 2017 18:26:50 GMT
server: nginx
age: 1723243
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 535931779 437227874
accept-ranges: bytes
content-length: 10432
expires: Wed, 03 Mar 2021 14:23:11 GMT

GET
H2 200 1034_251.jpg
stc.ofuxico.com.br/img/upload/aniversariantes/2012/07/23/ 69 KB
69 KB 232ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/aniversariantes/2012/07/23/1034_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1a7c3358c45085c5bfdb8525af70b75bd27ce5f0afdcc43b0e2bac9ea985e44b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Wed, 05 Aug 2015 23:25:34 GMT
server: nginx
age: 1723240
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 349142356 511053085
accept-ranges: bytes
content-length: 70799
expires: Wed, 03 Mar 2021 14:23:14 GMT

GET
H2 200 sem-titulo-5_2693_251_thumb_37806.jpg
stc.ofuxico.com.br/img/upload/celebridade/2018/05/11/ 2 KB
2 KB 230ms
229ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2018/05/11/sem-titulo-5_2693_251_thumb_37806.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

11d4964172d92dd86e01d3b081bd75d1f8294c087590690b2e0fa5ac6c5de09f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Fri, 11 May 2018 13:05:06 GMT
server: nginx
age: 1723244
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 787752152 591303036
accept-ranges: bytes
content-length: 1556
expires: Wed, 03 Mar 2021 14:23:09 GMT

GET
H2 200 1107_251.jpg
stc.ofuxico.com.br/img/upload/aniversariantes/2014/08/25/ 27 KB
27 KB 229ms
229ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/aniversariantes/2014/08/25/1107_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

41dc3d50dccaadcb2c302807d63f098c2a3cf88ef3750bf4d79a9da1e2e597c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Wed, 05 Aug 2015 23:25:28 GMT
server: nginx
age: 1723251
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 804507978 642122474
accept-ranges: bytes
content-length: 27598
expires: Wed, 03 Mar 2021 14:23:03 GMT

GET
H2 200 redondo5_3890_1126_thumb_37788.jpg
stc.ofuxico.com.br/img/upload/ofuxico_destaque_redondo/2021/02/20/ 4 KB
5 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/ofuxico_destaque_redondo/2021/02/20/redondo5_3890_1126_thumb_37788.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

332dbd1e68e7f8e5ec1c02ccacc8f8d692194bf4898f879c9d24c4ba46bb4062

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sat, 20 Feb 2021 12:38:57 GMT
server: nginx
age: 87821
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 804245669 768882508
accept-ranges: bytes
content-length: 4560
expires: Mon, 22 Mar 2021 12:40:12 GMT

GET
H2 200 redondo4_3889_1126_thumb_37788.jpg
stc.ofuxico.com.br/img/upload/ofuxico_destaque_redondo/2021/02/20/ 4 KB
4 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/ofuxico_destaque_redondo/2021/02/20/redondo4_3889_1126_thumb_37788.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d70c726b642ffc9d358d7d27f7f17c777097adacf3897c029fc671bc7ac51eb4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Sat, 20 Feb 2021 12:37:26 GMT
server: nginx
age: 87941
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459065057 421685666
accept-ranges: bytes
content-length: 3872
expires: Mon, 22 Mar 2021 12:38:13 GMT

GET
H2 200 cleo-pires-1_1536_251.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/10/02/ 9 KB
9 KB 234ms
233ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/10/02/cleo-pires-1_1536_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f07266193eb15fcca2c5baf5ed049c09fdd57f3b421f2874bc0a0813bd58e516

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Mon, 02 Oct 2017 21:53:11 GMT
server: nginx
age: 234937
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 460491277 329341884
accept-ranges: bytes
content-length: 9386
expires: Sat, 20 Mar 2021 19:48:17 GMT

GET
H2 200 19_2267_251.jpg
stc.ofuxico.com.br/img/upload/celebridade/2016/12/07/ 10 KB
10 KB 234ms
234ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2016/12/07/19_2267_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

00ff29184db01053219414d9c35309521133e3b4f71ae44aa28f94ba374549ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Wed, 07 Dec 2016 16:57:54 GMT
server: nginx
age: 234938
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 765322252 643720688
accept-ranges: bytes
content-length: 10370
expires: Sat, 20 Mar 2021 19:48:16 GMT

GET
H2 200 27_2471_251.jpg
stc.ofuxico.com.br/img/upload/celebridade/2017/03/27/ 11 KB
11 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2017/03/27/27_2471_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

5df92e8be98817009e96448b9cccfbfca36b279be301b9ab9bd0cb575a72a86e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Mon, 27 Mar 2017 18:19:34 GMT
server: nginx
age: 1723296
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 598944081 285468936
accept-ranges: bytes
content-length: 11008
expires: Wed, 03 Mar 2021 14:22:18 GMT

GET
H2 200 1148_224.jpg
stc.ofuxico.com.br/img/upload/celebridade/2016/10/17/ 10 KB
10 KB 230ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2016/10/17/1148_224.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

dca8c46dfc9d6da722d574c9d93921a49b9d88146ae9e9eca74907fd34078554

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: CacheUOL
last-modified: Mon, 17 Oct 2016 16:21:46 GMT
server: nginx
age: 1723186
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 786969258 128360523
accept-ranges: bytes
content-length: 10084
expires: Wed, 03 Mar 2021 14:24:08 GMT

GET
H2 200 viviane-1_1994_251.jpg
stc.ofuxico.com.br/img/upload/celebridade/2016/11/24/ 10 KB
10 KB 231ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/celebridade/2016/11/24/viviane-1_1994_251.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

8f4e0406f895efbe85d16c0f810f276e43733b11f66e39829809f0c9ad89afda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Thu, 24 Nov 2016 17:13:56 GMT
server: nginx
age: 234891
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459512865 340440406
accept-ranges: bytes
content-length: 10367
expires: Sat, 20 Mar 2021 19:49:03 GMT

GET
H2 200 caio-sofre-acidente_396997_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 7 KB
7 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/caio-sofre-acidente_396997_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

8a0a7815133f59189081054dc99d66ecb08eae19c4b07ae3f075a54f47aacbfb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 04:37:40 GMT
server: nginx
age: 29610
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 765322264 760557649
accept-ranges: bytes
content-length: 6890
expires: Tue, 23 Mar 2021 04:50:24 GMT

GET
H2 200 karol-conka-prejuizos-bbb21_396649_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/16/ 5 KB
6 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/16/karol-conka-prejuizos-bbb21_396649_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

b31a62fffbfd70f029f3835476bbb23c4007bf26adbb23c09a1e64a2074ef6d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Tue, 16 Feb 2021 20:24:29 GMT
server: nginx
age: 358314
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 535475639 225904454
accept-ranges: bytes
content-length: 5399
expires: Fri, 19 Mar 2021 09:32:01 GMT

GET
H2 200 sarah-com-joao-e-carla_397007_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 5 KB
5 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/sarah-com-joao-e-carla_397007_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d59d724a432594bbc5d27dfc985649961012ed8534e0f69ab9a9a849afaf4cc0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:22:18 GMT
server: nginx
age: 1359
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 597841338 164227442
accept-ranges: bytes
content-length: 4989
expires: Tue, 23 Mar 2021 12:41:15 GMT

GET
H2 200 sarah-e-juliette_397005_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 6 KB
6 KB 231ms
230ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/sarah-e-juliette_397005_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

7029998a38a47f1a3bebc97b418ac2de58506126004703bb8c63bbedfb1b39d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 12:14:14 GMT
server: nginx
age: 2491
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 784690031 787646369
accept-ranges: bytes
content-length: 5743
expires: Tue, 23 Mar 2021 12:22:23 GMT

GET
H2 200 casamento-lorena-improta-leo-santana_397004_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 7 KB
8 KB 231ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/casamento-lorena-improta-leo-santana_397004_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

554858059fd3e58c0a51e95189be5e42a2e7d7925bdefda1896871c5662f8919

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:58:19 GMT
server: nginx
age: 2856
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 444072818 442468545
accept-ranges: bytes
content-length: 7470
expires: Tue, 23 Mar 2021 12:16:19 GMT

GET
H2 200 boca-rosa-e-fred-juntinhos_397003_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 6 KB
6 KB 230ms
229ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/boca-rosa-e-fred-juntinhos_397003_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d428a6498eaa6697ff4e9d7914879548b094bc26a1db70e07aacffc79c1ad505

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:49:39 GMT
server: nginx
age: 3820
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 648986548 804659177
accept-ranges: bytes
content-length: 5685
expires: Tue, 23 Mar 2021 12:00:15 GMT

GET
H2 200 leifert-no-bbb21_397002_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/21/ 7 KB
8 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/21/leifert-no-bbb21_397002_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

695d47bca938a53f119707ed4ea6605b3f36e33cd3b2d2fae3e700b41b2976a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Sun, 21 Feb 2021 11:34:54 GMT
server: nginx
age: 4964
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 462883407 453538130
accept-ranges: bytes
content-length: 7672
expires: Tue, 23 Mar 2021 11:41:11 GMT

GET
H2 200 sarah-segurando-e-apontado-para-cartaz-com-coroa-do-lider_396943_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 5 KB
5 KB 232ms
231ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/sarah-segurando-e-apontado-para-cartaz-com-coroa-do-lider_396943_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

00b0c69e6cae08bc4a4d00a7ee8aa75b77499c5b7df14d21f69877c1c1a3622d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 23:15:41 GMT
server: nginx
age: 8593
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 459186268 451836728
accept-ranges: bytes
content-length: 4950
expires: Tue, 23 Mar 2021 10:40:41 GMT

GET
H2 200 fiuk-tdah_396937_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 4 KB
4 KB 233ms
232ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/fiuk-tdah_396937_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

4a0b58a81e218558496204dd7ed5ea93bd5c127576754278e7daf04314183c84

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 22:23:35 GMT
server: nginx
age: 9102
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 770151708 766609193
accept-ranges: bytes
content-length: 4280
expires: Tue, 23 Mar 2021 10:32:13 GMT

GET
H2 200 perucas-lace-ana-maria-braga-e-luiz-crispim_396901_36_thumb_2.jpg
stc.ofuxico.com.br/img/upload/noticias/2021/02/19/ 8 KB
8 KB 231ms
229ms Image
image/jpeg 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.ofuxico.com.br/img/upload/noticias/2021/02/19/perucas-lace-ana-maria-braga-e-luiz-crispim_396901_36_thumb_2.jpg

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

643d1727c3ad39fc29ce91c443e7203af9ae9533215837b9510e7c9e5b62c8a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
via: CacheUOL
last-modified: Fri, 19 Feb 2021 16:07:15 GMT
server: nginx
age: 9469
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-varnish: 536162153 528674856
accept-ranges: bytes
content-length: 8105
expires: Tue, 23 Mar 2021 10:26:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4360
date: Sun, 21 Feb 2021 11:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Feb 2021 13:51:12 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ofuxico/ 449 KB
38 KB 252ms
165ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.22.9 /
Resource Hash: 74a202d67a9ca4ed59c57c9115ef120a464a3f08394f228d08a21d6a0d46ea68

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: UNvh3.UBTc0W2ghcRVTCu73VR3GA5Sow
content-encoding: gzip
etag: "265fdd36904d5a60326f15ba585933a2cc3b3b9b"
age: 0
via: 1.1 varnish
x-cache: MISS
x-from-cache: 1
content-length: 38008
x-amz-id-2: lUkRIX6IMwUDYrcWNzA4fgVJkrn1XURA45NakBDPl5qGuFCGVHSexHjbT8Rk9t3zhub3FmyHkSs=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 12:51:43 UTC
server: obaker.93.1.2-11.22.9
x-timer: S1613912632.299247,VS0,VE120
date: Sun, 21 Feb 2021 13:03:52 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 9D02A5FE5A7F4496
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 25ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c4235c8775c33af7f874cdb897cebb926a7d9219adf320465a2b28b76fad619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: u3br2Wd80ojDoNJBe3JzeA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: pr02r35DosFD0yVeLX4DzaNpjkzCQdbtZva6nc1vk+QZSrM8OPkOdhuX2yj/IbgpQzxMeVTELVHxnMu3i8AHzQ==
x-fb-trip-id: 686109401
x-fb-content-md5: b47d5fd2df386a9f7f20d4419d354bc0
x-frame-options: DENY
date: Sun, 21 Feb 2021 13:03:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e382ea830d2fdbd19251f604150267f2"
timing-allow-origin: *
expires: Sun, 21 Feb 2021 13:06:40 GMT

GET
H2 200 ico-menu.png
ofuxico.com.br/skin/img/ 204 B
451 B 249ms
245ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-menu.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3735aa5ed1ca88564211c1925a31fa8f2b1c336b263a8d3d791a998f7507095

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:45 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 764312147 585108704
accept-ranges: bytes
content-length: 204
expires: Wed, 03 Mar 2021 14:21:12 GMT

GET
H2 200 icos-social.png
ofuxico.com.br/skin/img/ 9 KB
9 KB 257ms
254ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/icos-social.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f44f0002341a3560e2154719ff46f94dc63d9d7af51d10f87c04946dace3a517

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Mon, 13 Apr 2020 15:03:29 GMT
server: nginx
age: 1723303
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 537953110 469962004
accept-ranges: bytes
content-length: 8896
expires: Wed, 03 Mar 2021 14:22:08 GMT

GET
H2 200 ico-search.png
ofuxico.com.br/skin/img/ 1 KB
1 KB 258ms
255ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-search.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

f58ca1f09ee0a00c2afc22fc1d30576c613dd3ae44c9a4aa9af5062fc21e63a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:46 GMT
server: nginx
age: 1723303
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 601132765 797266463
accept-ranges: bytes
content-length: 1078
expires: Wed, 03 Mar 2021 14:22:08 GMT

GET
H2 200 ico-close.png
ofuxico.com.br/skin/img/ 416 B
663 B 252ms
249ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-close.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

982ec3933fb7c1a8ab238f1950dbf3ffb69d4db56bb460dabc7a44e842a3257c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:44 GMT
server: nginx
age: 1723359
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 788239909 646515448
accept-ranges: bytes
content-length: 416
expires: Wed, 03 Mar 2021 14:21:12 GMT

GET
H2 200 think4.png
ofuxico.com.br/skin/img/ 1 KB
1 KB 257ms
255ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/think4.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

c631446d83ca7bbb74b17e51e2901089cd509bf3988076dc6a7ac8ac2d6727de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:49 GMT
server: nginx
age: 1723360
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 437649402 374312631
accept-ranges: bytes
content-length: 1159
expires: Wed, 03 Mar 2021 14:21:12 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ofuxico.com.br
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 595977
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 14 Feb 2022 15:30:55 GMT

GET
H2 200 montserrat-light.woff2
ofuxico.com.br/skin/fonts/montserrat/ 18 KB
19 KB 239ms
238ms Font
application/octet-stream 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/skin/fonts/montserrat/montserrat-light.woff2

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/fonts/montserrat/stylesheet.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

2ff3728cd05260638adcff81371ca7552794a47c4332c269c38e7f1833a654cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://ofuxico.com.br
Referer: https://ofuxico.com.br/skin/fonts/montserrat/stylesheet.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:51 GMT
server: nginx
age: 1723042
x-frame-options: SAMEORIGIN
x-cache: HIT
x-varnish: 537953106 370907423
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18724
expires: Tue, 01 Feb 2022 14:26:29 GMT

GET
H2 200 ico-post.png
ofuxico.com.br/skin/img/ 548 B
794 B 230ms
229ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-post.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1f7d9b949bb9a3f8d10ab6116926ed43bd9dc9c649201171e66e48646a54e1ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:46 GMT
server: nginx
age: 339070
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 460067051 6357178
accept-ranges: bytes
content-length: 548
expires: Fri, 19 Mar 2021 14:52:41 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 147 KB
37 KB 15ms
15ms Script
application/javascript 2606:4700:3035::ac43:9ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/b27ebdda-2849-404f-9415-caf643b936ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c0bb279c0e6c3df3477c78e2178e02143152df573a04bb5f986c19acdf8924

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: 1.1 298295dc49d01ca277aeb7439bbb326f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4596
x-cache: Hit from cloudfront
content-encoding: br
cf-request-id: 08664983b600004ec7c01a2000000001
last-modified: Fri, 08 Jan 2021 12:01:04 GMT
server: cloudflare
etag: W/"80d0969265bee1df6751ca17ae2ed4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b7iYEkYtlBIXRvPtB348RbXB%2F3VRS2EuxBXhTzwJNqgd44eJmXiX0sDY3%2FrVndii4fqElApFoADEn0obJu0vfZVO44BiVooTcY4%2BRTKmStLbVmOsZIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: MXP64-C2
cf-ray: 6250ab7f8c924ec7-FRA
x-amz-cf-id: Dr0D3OYvyZrwE9uarjFRI_hgn-f1yqSLIHmB0AbguZT0jOb3SMAEvg==

GET
H2 200 ico-navs.png
ofuxico.com.br/skin/img/ 328 B
574 B 393ms
393ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-navs.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

d15702440e2ebe50b0df1a4971628a43421fa5a485f397cbfa8adc2228b8f709

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:45 GMT
server: nginx
age: 337130
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 453931642 3054005
accept-ranges: bytes
content-length: 328
expires: Fri, 19 Mar 2021 15:25:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=776334610&t=pageview&_s=1&dl=https%3A%2F%2Fofuxico.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=900794448&gjid=140658983&cid=452567371.1613912632&tid=UA-1507205-1&_gid=1039508327.1613912632&_r=1&_slc=1&z=1558599917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 198 KB
61 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=50d5daddf44c2bbcb579ea813696dfc1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b29a7e6882a46221d938d9c4352a77c8d29aa57608c8c7e89085f27bb846b3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ofuxico.com.br
Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: L3oNpM98+jvgl6XUaIuSog==
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Feb 2022 10:19:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60982
x-fb-rlafr: 0
x-fb-debug: I5ZjflQYDu8/w42ieUtl0dFPr0bNcLmq4BMSk1BUkpBva1kvTOCq8CHD1ysdqhBQwmXugfM/OUTyq4BotFry0g==
x-fb-trip-id: 686109401
x-fb-content-md5: f1746c9de45b0efc6c825a5f4fa8bc5b
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Feb 2021 13:03:52 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "1cb9be54f1dd3bfc3777796560e659c2"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ico-qtdphotos.png
ofuxico.com.br/skin/img/ 2 KB
2 KB 363ms
363ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-qtdphotos.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

60e38cdaa31f7917ce2e09309a7787a70541144e9d2fe8092f033da4c17dd4b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Mon, 12 Dec 2016 18:47:40 GMT
server: nginx
age: 1723359
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 579888151 637373133
accept-ranges: bytes
content-length: 1623
expires: Wed, 03 Mar 2021 14:21:12 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ofuxico.com.br
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 235347
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:25 GMT

GET
H2

200

/ Show response
embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/ Frame EB60
Redirect Chain

https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a
https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/

69 KB
12 KB

48ms
48ms

Document
text/html

35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

215.69.201.35.bc.googleusercontent.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.27 / PHP/7.3.27

Resource Hash

6bcb4d1a1ffd69a8b12961e660acd1d1e0cbde69bb5fb15aa1301c4dfb9ebc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: embedsocial.com
:scheme: https
:path: /facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

date: Sun, 21 Feb 2021 13:02:50 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.27
strict-transport-security: max-age=15768000
x-powered-by: PHP/7.3.27
x-content-digest: en6bcb4d1a1ffd69a8b12961e660acd1d1e0cbde69bb5fb15aa1301c4dfb9ebc3c
age: 62
vary: Accept-Encoding
content-encoding: gzip
content-length: 12461
content-type: text/html; charset=UTF-8
via: 1.1 google
cache-control: max-age=120, public, s-maxage=120
alt-svc: clear

Redirect headers

date: Sun, 21 Feb 2021 13:03:52 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.27
strict-transport-security: max-age=15768000
x-powered-by: PHP/7.3.27
location: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
content-length: 612
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1507205-1&cid=452567371.1613912632&jid=900794448&gjid=140658983&_gid=1039508327.1613912632&_u=IEBAAEAAAAAAAC~&z=520880454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Feb 2021 13:03:52 GMT
content-type: text/plain
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b27ebdda-2849-404f-9415-caf643b936ad.json Show response
osp-assets.pn.vg/ 21 B
1 KB 36ms
15ms Fetch
application/json 2606:4700:3035::ac43:9ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/b27ebdda-2849-404f-9415-caf643b936ad.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
access-control-allow-methods: GET, HEAD, POST, PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 249127
cf-ray: 6250ab803ca00605-FRA
content-length: 21
x-amz-id-2: lbf9jcECDF5OaAqifs/Xc3Ik+NTh810dZJFGTecT1quNiVlcFylSAhKYCr3e2z/xq0V5xrKSw9E=
last-modified: Wed, 06 Jan 2021 23:24:39 GMT
server: cloudflare
etag: "7e49c47a75dd2571802e6b32b46a36ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pd3aqUttMnsvkXfODero8DPSKA00AqnvwsQrfULmO6ZXBOdbMLWKkoJ34GolMjhy9IDImlNVEyPDxbzTRrmTgbVQXCv6u6O4LfBw0PO5lkQqKBVO8ZFtJ7xkdyiS"}],"max_age":604800}
x-amz-request-id: B16CE88BAD767498
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-request-id: 086649842400000605d0a84000000001
accept-ranges: bytes
content-type: application/json

GET
H2 200 pushnews-sw.js Show response
ofuxico.com.br/ 62 B
316 B 317ms
316ms XHR
application/javascript 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Wed, 15 Apr 2020 04:42:32 GMT
server: nginx
age: 339068
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
x-varnish: 142429829 6160661
accept-ranges: bytes
content-length: 62
expires: Thu, 17 Feb 2022 14:52:43 GMT

GET
H2 200 cookie.html Show response
cookies.pn.vg/ Frame 15A2 5 KB
2 KB 15ms
14ms Document
text/html 2606:4700:3035::ac43:9ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.pn.vg/cookie.html
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

:method: GET
:authority: cookies.pn.vg
:scheme: https
:path: /cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=46a1abc2aeb1229afe024503c21a7cd27a9ea8f1-1613912632-1800-Ae9hleNtr2u7wGyOe1v3DpKQNNgNvCcCWJhYFTaCQLqkmvgKMOlen0hskmL7MLf0kpNgYQZUWIu8fLXGzejuhRw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
content-type: text/html
set-cookie: __cfduid=dfe831456d1a435d58e30b3eccecff9801613912632; expires=Tue, 23-Mar-21 13:03:52 GMT; path=/; domain=.pn.vg; HttpOnly; SameSite=Lax
last-modified: Wed, 26 Aug 2020 15:02:00 GMT
x-cache: Hit from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rXKG9z9F8nx7ZyWkEZyY1PtRqfIPz6humwUmB8M7pc5dcRDf36q3ow==
age: 3092
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 086649855a00004ec7c01b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ki0bjDY3boSsNEF8UTBbPM238hGb4r03CMYNk2rnCR%2B31nma4znvblip6nvHSwqyzMw95Tr%2FxUzwIPKI6bhZBfA4AUKqRpP5m6msD9%2Bxi24%2Bx0X9Q9n58vUP"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6250ab8228904ec7-FRA
content-encoding: br

GET
H2 200 ico-instagram.png
ofuxico.com.br/skin/img/ 615 B
862 B 233ms
232ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-instagram.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

bb72ca42d4baf6c0c798c3f3d8e49346e19cd36b7ae80ee38088b5e1a59d77c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:45 GMT
server: nginx
age: 1723188
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 786743328 640815069
accept-ranges: bytes
content-length: 615
expires: Wed, 03 Mar 2021 14:24:04 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1507205-1&cid=452567371.1613912632&jid=900794448&_u=IEBAAEAAAAAAAC~&z=32426029

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1507205-1&cid=452567371.1613912632&jid=900794448&_u=IEBAAEAAAAAAAC~&z=32426029

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ico-facebook.png
ofuxico.com.br/skin/img/ 463 B
710 B 229ms
229ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-facebook.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

1b1104e75542b2e4f8c4de0106f33612edcaaef147ec087608bac0ebb1b160c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:44 GMT
server: nginx
age: 1723304
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 804178467 638815243
accept-ranges: bytes
content-length: 463
expires: Wed, 03 Mar 2021 14:22:08 GMT

GET
H2 200 ico-nav.png
ofuxico.com.br/skin/img/ 281 B
528 B 229ms
229ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/ico-nav.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

434eae42f3e154fd3ceb705ecca6918803df24ea1cc3f7501d521d1950082592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:52 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:45 GMT
server: nginx
age: 1723184
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 596859814 428543968
accept-ranges: bytes
content-length: 281
expires: Wed, 03 Mar 2021 14:24:08 GMT

GET
H2 200 noticias-396901.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
234ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396901.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 349142305
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396937.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396937.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 786808265
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396943.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
234ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396943.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 439965530
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397002.json Show response
ofuxico.com.br/arquivo/reaction/ 0
235 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397002.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 805322220
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397003.json Show response
ofuxico.com.br/arquivo/reaction/ 0
243 B 231ms
231ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397003.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 68
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/json
cache-control: max-age=300
x-varnish: 279762996 462200307
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:07:44 GMT

GET
H2 200 noticias-397004.json Show response
ofuxico.com.br/arquivo/reaction/ 0
243 B 232ms
231ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397004.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 68
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/json
cache-control: max-age=300
x-varnish: 460034516 455223653
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:07:44 GMT

GET
H2 200 noticias-397005.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397005.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 770118691
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397007.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397007.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 537496393
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 galerias-13203.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/galerias-13203.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 598720263
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 galerias-13204.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
232ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/galerias-13204.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 528666528
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 galerias-13206.json Show response
ofuxico.com.br/arquivo/reaction/ 0
244 B 232ms
232ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/galerias-13206.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 230
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/json
cache-control: max-age=300
x-varnish: 439965533 439437856
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:05:02 GMT

GET
H2 200 noticias-397009.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
232ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397009.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 804443918
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397011.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
234ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397011.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 459493243
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397013.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397013.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 459512825
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396997.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396997.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 770118694
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-397001.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 234ms
234ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-397001.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 533653662
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396999.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396999.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 349142308
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396943.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396943.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 528666531
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396901.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396901.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 441631908
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396920.json Show response
ofuxico.com.br/arquivo/reaction/ 0
243 B 230ms
229ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396920.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 230
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/json
cache-control: max-age=300
x-varnish: 804282049 692873846
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:05:02 GMT

GET
H2 200 noticias-396918.json Show response
ofuxico.com.br/arquivo/reaction/ 0
236 B 233ms
233ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396918.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json
cache-control: max-age=300
x-varnish: 462524543
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:08:53 GMT

GET
H2 200 noticias-396998.json Show response
ofuxico.com.br/arquivo/reaction/ 0
243 B 230ms
230ms XHR
application/json 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://ofuxico.com.br/arquivo/reaction/noticias-396998.json

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofuxico.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: CacheUOL
last-modified: Wed, 22 Feb 2017 16:06:10 GMT
server: nginx
age: 130
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/json
cache-control: max-age=300
x-varnish: 459808299 459807375
accept-ranges: bytes
content-length: 0
expires: Sun, 21 Feb 2021 13:06:42 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame B4E2 197 B
688 B 518ms
253ms Document
text/html 2600:9000:20d7:7000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Mon, 04 Jan 2021 18:03:21 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 21 Feb 2021 13:03:53 GMT
expires: Sun, 21 Feb 2021 13:13:53 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: RefreshHit from cloudfront
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: -YyLl-xJJCynXraUCWUpzzBgXoulm82R9hhSbdaQAl4A4WkgFZFdeg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 142ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

959c2de9ef4e68df841205ffea3a3d00820397105a70a345c3e42534b493c554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "790 / 425 of 1000 / last-modified: 1613776261"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19525
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:53 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 9ms
8ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:16 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 22:34:30 GMT
server: marrakesh 1.16.6
age: 997
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
content-length: 5277
x-amz-cf-id: p1lykDRGxtJwPOulmNEkIaOvP8VEf-c0k03UXxkfAv47Wdzzf8qvpg==
expires: Sun, 21 Feb 2021 13:47:16 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 126 KB
17 KB 11ms
11ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 22e2618ee63f4362dbb5bd0526d708e0585fb6ff990640a8a3f7379ca71a3811

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:16 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 17:15:37 GMT
server: marrakesh 1.16.6
age: 997
etag: 3a936b0c4bf16edcfc705250b8b56675
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
content-length: 16995
x-amz-cf-id: 1qO0mdvjUkpAEaxW_oY80vxnPdV4e5PHCHV3MyuSftTaSVnAugevXA==
expires: Sun, 21 Feb 2021 13:47:16 GMT

GET
H2 200 ofuxico.js Show response
me.jsuol.com.br/aud/ 16 KB
7 KB 773ms
193ms Script
application/javascript 2804:49c:3102:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/ofuxico.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 81b4ea2ff994d680f6f110390f5ac141da3d80e6d1131dcb8b526549f603a756

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 13:23:25 GMT
server: marrakesh 1.16.6
etag: 6370af2f919ee9dce911e9018fe99d31
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 7094
expires: Sun, 21 Feb 2021 14:03:53 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
3 KB 9ms
9ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=sgcw9n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 30889b3a641f667f77275bc91ea981e98f4037e50bf5e72b8dfba6914efda03d

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:16 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 14:26:59 GMT
server: marrakesh 1.16.6
age: 997
etag: 289fb08265cc40872648d84ae9cc36cb
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
content-length: 2151
x-amz-cf-id: _KXppHdZc0GEBcO8KzQYRm7LrLZOq4ZTonlDhbJdqaEDSDTWvFTQmQ==
expires: Sun, 21 Feb 2021 13:47:16 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/ofuxico/ 3 KB
2 KB 343ms
251ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/ofuxico/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63441494c4cddf875b946d5ce32444c95e2ad92761c590b64ed10fdefa20a8fb

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8r6mDZ8uFm7lh.86hBfhrxQow.mxDdlK
content-encoding: gzip
etag: "6b69f370f8e17be40f41e35d34cc44fe"
age: 0
x-cache: HIT, MISS
content-length: 1159
x-amz-id-2: ZvHn/em1C8I0A2kfkntyYGLCU0Ve2eOHjGa2bHXA1TI2OV4nJP8lOYbDL24spyv1LpIHxve8YFc=
x-served-by: cache-lax10634-LGB, cache-fra19164-FRA
last-modified: Wed, 01 Apr 2020 12:07:25 GMT
server: AmazonS3
x-timer: S1613912633.197822,VS0,VE209
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding,,
x-amz-request-id: A7596345AF0AB4E0
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210221-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 465 KB
108 KB 46ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: cd5844a01a38bc4b6ba9b1ade25de60b3e12e3326589b5ba5c58389dea3177a6

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: S.OlOqpr7HhxW8duaoyYW7Mix1iPeY04
content-encoding: br
etag: "8794d10625cd1499892d92e265096ec5"
age: 14613
x-cache: HIT
content-length: 109719
x-amz-id-2: M79CKtFGi5rn2MRisz9auOwJPg7hwsJcyLTgCNgp8gPmluHR44ICwKwCiMEk1XizBBlVjrHhBJM=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 08:58:25 GMT
server: AmazonS3-br
x-timer: S1613912633.111607,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: A6D12BB6FDD8CBED
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 24
x-cache-hits: 48319

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 139ms
46ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 13:03:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 22 Feb 2021 13:03:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EB60 6 KB
1 KB 44ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=cyrillic

Requested by

Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Feb 2021 13:03:53 GMT
server: ESF
date: Sun, 21 Feb 2021 13:03:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Feb 2021 13:03:53 GMT

GET
H2 200 ivideo.png
embedsocial.com/cdn/icon/ Frame EB60 2 KB
2 KB 40ms
37ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/cdn/icon/ivideo.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36497cd4daafad4ecad25cea32e128585a26f2096f253d2dec5faab6267cb793

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:46:06 GMT
content-encoding: gzip
age: 303467
x-guploader-uploadid: ABg5-Uwp7hBp69X92QWoadvP4S17MEHF7iIgeId3QnKZaGyJilrevYpxLKQjZsSYU3xCphbPFOn0G2LuszvKmEN82wrViKMjfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1655
last-modified: Tue, 30 Jul 2019 15:52:28 GMT
server: UploadServer
etag: "696e03fa69ecc2d162e65bda882ca7d3"
x-goog-hash: crc32c=VphuMg==, md5=aW4D+mnswtFi5lvaiCyn0w==
x-goog-generation: 1564501948638076
cache-control: public, max-age=604800,no-transform
x-goog-stored-content-length: 1655
accept-ranges: bytes
content-type: image/png
expires: Thu, 25 Feb 2021 00:46:06 GMT

GET
H2 200 loader.gif
embedsocial.com/image/ Frame EB60 67 KB
67 KB 41ms
40ms Image
image/gif 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embedsocial.com/image/loader.gif

Requested by

Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

215.69.201.35.bc.googleusercontent.com

Software

Apache/2.4.37 (centos) OpenSSL/1.1.1c /

Resource Hash

cef68c41ba328dd5b20748634ace248185cbda77d683c56e6cb10b613d6dff9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 06:59:53 GMT
via: 1.1 google
last-modified: Thu, 18 Feb 2021 14:49:12 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1c
age: 194640
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=604900, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
alt-svc: clear
content-length: 68751
x-xss-protection: 1; mode=block
expires: Sat, 19 Jun 2021 06:59:53 GMT

GET
H2 200 iframeContent.min.js Show response
embedsocial.com/js/ Frame EB60 13 KB
5 KB 38ms
37ms Script
application/javascript 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://embedsocial.com/js/iframeContent.min.js
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:46:04 GMT
content-encoding: gzip
age: 303469
x-guploader-uploadid: ABg5-Uy61edL8cZ4FFLBPmSaw6mqr9M5zrG6Wvi3JAGVqmqSqUxV0s-puamCBjwEphKKPVbeal7Jxd1JfnnubGljXutWi4R8PA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5032
last-modified: Wed, 31 Jul 2019 08:16:38 GMT
server: UploadServer
etag: "f260ced9a1fc33c5576eadbda7ee27a7"
x-goog-hash: crc32c=IVnT7Q==, md5=8mDO2aH8M8VXbq29p+4npw==
x-goog-generation: 1564560998353327
cache-control: public, max-age=604800,no-transform
x-goog-stored-content-length: 5032
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 25 Feb 2021 00:46:04 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
500 B 215ms
137ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 image_0.png
embedsocial.com/admin/feedcdn/feed-media/17859/17859157946367204/ Frame EB60 354 KB
355 KB 99ms
97ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17859/17859157946367204/image_0.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: 96e7731384f461de6b204d873fcf90a7f140c482854c76ca748157362b5f1a2e

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: 1.1 google
last-modified: Sat, 23 Jan 2021 07:14:18 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
etag: "589d3-5b98c0d9dc446"
content-type: image/png
accept-ranges: bytes
alt-svc: clear
content-length: 362963

GET
H2 200 image_0.png
embedsocial.com/admin/feedcdn/feed-media/18143/18143176369191261/ Frame EB60 247 KB
247 KB 107ms
105ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/18143/18143176369191261/image_0.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: 3722c907e9d14c3af3f1cbffd8755a0747f0298077699774b1d28fbbd4625d21

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: 1.1 google
last-modified: Fri, 22 Jan 2021 18:56:11 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
etag: "3db7c-5b981bde245a0"
content-type: image/png
accept-ranges: bytes
alt-svc: clear
content-length: 252796

GET
H2 200 image_0.png
embedsocial.com/admin/feedcdn/feed-media/17912/17912958433584287/ Frame EB60 481 KB
482 KB 56ms
54ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17912/17912958433584287/image_0.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: 9e982af209308e7331c4b6135b1acb2fed598e6c560daeb28e2d3f15d0fdb05d

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 17:49:34 GMT
via: 1.1 google
last-modified: Sat, 23 Jan 2021 01:11:48 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
age: 328459
etag: "7848c-5b986fd2ef16d"
content-type: image/png
cache-control: max-age=604900, public
accept-ranges: bytes
alt-svc: clear
content-length: 492684

GET
H2 200 image_0.png
embedsocial.com/admin/feedcdn/feed-media/17941/17941459903436859/ Frame EB60 501 KB
501 KB 50ms
48ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17941/17941459903436859/image_0.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: eb394d9558ed252e12742251c91b95762e682ec74008b6dbe31f6fa16b60ae45

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 18:03:38 GMT
via: 1.1 google
last-modified: Fri, 22 Jan 2021 01:02:03 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
age: 586815
etag: "7d318-5b972bc7e7cb6"
content-type: image/png
cache-control: max-age=604900, public
accept-ranges: bytes
alt-svc: clear
content-length: 512792

GET
H2 200 image_0.png
embedsocial.com/admin/feedcdn/feed-media/17869/17869226387262554/ Frame EB60 554 KB
554 KB 110ms
108ms Image
image/png 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17869/17869226387262554/image_0.png
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: d53be8cf6f3c9375d205f9f9a0b01dea95e68db3393e11be72aaeaadecbf5810

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: 1.1 google
last-modified: Thu, 21 Jan 2021 19:03:00 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
etag: "8a75b-5b96db86a5ac7"
content-type: image/png
accept-ranges: bytes
alt-svc: clear
content-length: 567131

GET
H2 200 image_0.jpeg
embedsocial.com/admin/feedcdn/feed-media/17943/17943821752415691/ Frame EB60 48 KB
48 KB 40ms
38ms Image
image/jpeg 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17943/17943821752415691/image_0.jpeg
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: ab0f5f8dfb4407610b2dadf20e1b411f20a4826cec33d74b91f0fc38ad42d397

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 21:06:52 GMT
via: 1.1 google
last-modified: Fri, 22 Jan 2021 07:16:05 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
age: 489421
etag: "bf2e-5b977f620f71f"
content-type: image/jpeg
cache-control: max-age=604900, public
accept-ranges: bytes
alt-svc: clear
content-length: 48942

GET
H2 200 image_0.jpeg
embedsocial.com/admin/feedcdn/feed-media/17912/17912503873597170/ Frame EB60 41 KB
42 KB 111ms
109ms Image
image/jpeg 35.201.69.215
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedsocial.com/admin/feedcdn/feed-media/17912/17912503873597170/image_0.jpeg
Requested by: Host: embedsocial.com
URL: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.69.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.69.201.35.bc.googleusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash: 6878f813fc1db2b3c2457a82df28e18b03bdae514edeb3f70581a79f6aaf5333

Request headers

Referer: https://embedsocial.com/facebook_album/pro_hashtag/23a25a0603623a4b33b4bd7886a027886f7b832a/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
via: 1.1 google
last-modified: Thu, 21 Jan 2021 19:02:59 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
etag: "a5c8-5b96db85b2bc7"
content-type: image/jpeg
accept-ranges: bytes
alt-svc: clear
content-length: 42440

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame EB60 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://embedsocial.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 23:19:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 49474
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sun, 20 Feb 2022 23:19:19 GMT

GET
H2 200 json Show response
trc.taboola.com/ofuxico/trc/3/ 21 KB
8 KB 341ms
334ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ofuxico/trc/3/json?tim=14%3A03%3A53.264&lti=deflated&data=%7B%22id%22%3A906%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1613905149611%2C%22vi%22%3A1613912633246%2C%22cv%22%3A%2220210221-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fofuxico.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1752%2C%22dh%22%3A6360%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20Home%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20Home%22%2C%22cd%22%3A1700.84375%2C%22mw%22%3A998%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04e0066461697cbf57579656c27646e2bd9834d2cffc13cc9dac59edf8610320

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 292
date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
server: nginx
x-timer: S1613912633.294803,VS0,VE292
x-served-by: cache-fra19137-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ofuxico.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-Q050 200 pubads_impl_2021021601.js Show response
securepubads.g.doubleclick.net/gpt/ 291 KB
102 KB 107ms
59ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

94107238a1097b66d59ded9c22a26e793aaa854e8bd4f555e704aa23acb6b959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 09:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104204
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:53 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=h...

0
528 B

51ms
51ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=https%3A%2F%2Fofuxico.com.br%2F&c9=&cs_ak_ss=1
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1613912633307&ns_c=UTF-8&cv=3.5&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=https%3A%2F%2Fofuxico.com.br%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/ofuxico/ 111 KB
30 KB 43ms
42ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/ofuxico/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/ofuxico/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c991e11f7320130365930976806365ac58537a0394e5a0043e9d93ce2a485111

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: JcP3D9517iL0yn_rzG1vbOEVp5xqDe_0
content-encoding: gzip
etag: "7a2d0321cd66e989051899aff88e08a6"
age: 1562165
x-cache: HIT, HIT
content-length: 30937
x-amz-id-2: WV8+gO8TWdbVOnH7TXfuR9ruKO1FjUE2rzw3uys5rNDoJ6VD5bnXCFm/06UuHIkJQkUArsP5J0A=
x-served-by: cache-lax10629-LGB, cache-fra19164-FRA
last-modified: Wed, 01 Apr 2020 12:07:25 GMT
server: AmazonS3
x-timer: S1613912633.450167,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding,,
x-amz-request-id: 9XFG9Z4G5MDHFP3M
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1954

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 46ms
46ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/ofuxico/pmk-202003261.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 13:03:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 22 Feb 2021 13:03:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=ofuxico.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ofuxico.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
11 KB 312ms
312ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633624&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=1320&adys=100&adks=4106720246&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=998x7353&msz=160x-1&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=516&ohw=160

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

60c1961e8236404c583f6231ee1ca8a35a2cbe807ab76b6c436ff153a9a5f76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10354
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 1091ms
1091ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633630&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=301&adys=4358&adks=2651661202&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=158x600&msz=160x600&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=160

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fefd74bbd8df8efbc7a5198d160773ab7190846e3c14a6f4152ea759d43326c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10830
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2573ms
2573ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633633&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=314&adys=884&adks=2110133660&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=326x857&msz=300x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9fa14a18d3e177edbec0626a0b30a83add2951fbce5b2f330006c03e1cc7b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 117688
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4007
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 157934
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 2406ms
2406ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633638&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=999&adys=2919&adks=2527445489&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=326x185&msz=300x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1d89932dc0d8e89af6df42f4b1fb1c3d888f3f16aae6d468077f5de3ee631b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 1461ms
1460ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633641&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=5705&adks=2492151693&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=326x600&msz=300x600&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e5a60e04185568a2e433a2b8755e91021f62ffc96c7ef7f11c5c8faea1660d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 2184ms
2184ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633644&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1762947626&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7633&msz=0x0&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ade0cec2a91ae4aae71f648bcbe36d17d93058453d1f157870d4f1fc34f98c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
google-lineitem-id: 5623444217
pragma: no-cache
server: cafe
google-creative-id: 499647446323
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 2036ms
2035ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633646&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1375&adks=4146059273&ucis=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=998x250&msz=970x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

820cc0232bd6f3421c7dc32b45f917dca733023117d99b6b28c32f3f5d646ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24671
x-xss-protection: 0
google-lineitem-id: 5623444217
pragma: no-cache
server: cafe
google-creative-id: 499691942861
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 849ms
849ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633648&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=2178&adks=2610416029&ucis=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=998x250&msz=970x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

798da0258ba56d3f41eff1c48ce6a86bed95d7490f651b0c813fcaa004abf547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24786
x-xss-protection: 0
google-lineitem-id: 5623444217
pragma: no-cache
server: cafe
google-creative-id: 499691942861
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 604ms
604ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633655&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=3224&adks=1887458903&ucis=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=998x250&msz=970x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e59ba7b2e2e2179d2a10635d640554731087bf8dbef00f62f3c0b236561ce4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24639
x-xss-protection: 0
google-lineitem-id: 5623444217
pragma: no-cache
server: cafe
google-creative-id: 499691942861
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 1744ms
1743ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4262409186531108&correlator=4047318443427752&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060172%2C31060013&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210221&iu_parts=8804%2Cparceiros%2Co_fuxico&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=campaignuol%3D1%26group%3D13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dofuxico%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1613912633&dt=1613912633658&dlt=1613912631681&idt=1864&frm=20&biw=1600&bih=1200&oid=3&adxs=301&adys=135&adks=1508456601&ucis=a&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fofuxico.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=998x7353&msz=998x250&ga_vid=452567371.1613912632&ga_sid=1613912634&ga_hid=776334610&fws=4&ohw=998

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

37923a52811f7f2294869ad6506c3b3c8d280bf5bc69a24eedb2c9966e5e89c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24809
x-xss-protection: 0
google-lineitem-id: 5623444217
pragma: no-cache
server: cafe
google-creative-id: 499691942861
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 11 KB
4 KB 44ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb9457d06e83e5d4dcc04bcddc8f66966683dd61976221e10a893020e758fce1

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9P9t6t79rkYz9OPL5jVQB4DIxgIMAKyz
content-encoding: gzip
etag: "cfb0de5e7612813b72f8a3577e5cf7af"
age: 14326
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 3874
x-amz-id-2: dy1gDFDGnztLDOWA07T8F4l5q1SXiVfBOu6OFaMoNER5SkftjvNwAYBeeVeYYLjnV2Bab+w5Cdw=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 18 Feb 2021 09:05:00 GMT
server: AmazonS3
x-timer: S1613912634.749034,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: AD1B422594917944
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 42
x-cache-hits: 99660

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 44ms
44ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding: gzip
etag: "a13f67361cd19b638bb3083cf688d732"
age: 17955
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 748
x-amz-id-2: sviL9jW5ap3b+pNuCd1gBo/4pkWtCWLG4NrjodNBpV9uPbq3OGlH/uiLvREIEIEhgAtWe+0rZ9c=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 09 Feb 2021 16:04:13 GMT
server: AmazonS3
x-timer: S1613912634.749015,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: C8F8CDB2E50EC716
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 42
x-cache-hits: 164547

GET
H2 200 tfa-eid.20210221-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 45ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210221-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 562e8ea09880829076aa6c8a9cf3b4bafe3453ad9519913232abe6e8184561fc

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: chnFfIeHBr0omVD7RvoV1i6uyY5uzSQB
content-encoding: gzip
etag: "a9cf03ba6f67ab9c53a0cb3106d7b0b6"
age: 7821
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4856
x-amz-id-2: 3+lpnJ0gz2nQgomzQWG54y8/u1JuoftVLT8h0WsUI7lvchmgAoXwFMIne7uSXH9j0tBTntBPk7Y=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 10:53:31 GMT
server: AmazonS3
x-timer: S1613912634.753486,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: AD226352843DF065
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 45534

GET
H2 200 sha256.20210221-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 44ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210221-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528a1dcdcf30d95a3753d0bd3a288ea0c71d0dd8f957832177a2892153e8ad31

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: u_MtADyzTarEpGvWTbj0.TCyyKTLGbk4
content-encoding: gzip
etag: "de725e614824ccaba2a9229e08bcbb32"
age: 7812
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: l9PE1jZ0KygNDkfQlqYrn6VQqvYlhX5bf+w8xpkM9EmKWhNasDzWibfGZ4SteGGaUnuQLpnzUMg=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 10:53:40 GMT
server: AmazonS3
x-timer: S1613912634.753459,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: DV8J4T7YDR7N6J7M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 44384

GET
H2 200 userx.20210221-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 44ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210221-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5991aff768a1baca28ae42a23222850eba7b0cb768734001f9efb1615bd173d

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: P.U35x2OObsfzxO8GbQuPvSp1XWN.QMU
content-encoding: gzip
etag: "61068338839df9f33b99a1b6612130f7"
age: 7822
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7811
x-amz-id-2: lSneWbUsq6c1Lx15xpP2VY9H4Bc52Jc5wVyiiiJy6lTyJszls2XpuJvqIM5M3vjk2Vh8hIPyV3s=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 10:53:26 GMT
server: AmazonS3
x-timer: S1613912634.769902,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: B69EC05D1CD926CC
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 7399

GET
H2 200 explore-more.20210221-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
7 KB 43ms
43ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210221-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d568c0b15e59a48d37ee8935a215f97c97bb67d68508fea5bba25caa9bc1a3d

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tOpZQ.1dlP0M9alF4mIUIYNVbjITp2mY
content-encoding: gzip
etag: "a642da00964b621aa54aceb17c4f8a75"
age: 7791
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6619
x-amz-id-2: v70InmSQhLBb4sDHjWXLF8XxMe2TurQQfxQwra57FDAkTbB5QtqW2eQSGcNjvUAgstl9yOYQ8No=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 10:53:58 GMT
server: AmazonS3
x-timer: S1613912634.769885,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: 0BDDC9041DFFFFD7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 9835

GET
H2 200 feed-card-placeholder.20210221-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 43ms
43ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210221-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ofuxico/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f1ec5c2aa5bcbdc07ada05eab0902791a213915b2b1bab36fabfcf8db8e3950

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: LryzyikuCMytWlKZlcEjmA4_M2KnJnsK
content-encoding: gzip
etag: "2a0994a99b7cb1cb61cefb4b820e1a62"
age: 7796
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1268
x-amz-id-2: omNTnP9hQjoXf77atneLI3JWlSanSvB5Wbba+KG7INFnVYu1pJ+QHSr19nWO3KYckTcFDMxsNWQ=
x-served-by: cache-fra19137-FRA
last-modified: Sun, 21 Feb 2021 10:53:56 GMT
server: AmazonS3
x-timer: S1613912634.770145,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
vary: Accept-Encoding
x-amz-request-id: 33909D4C6620A76B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 29202

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame C1CF
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa&tbid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&query=taboola_hm%3Da84f6002-47a2-...

0
148 B

133ms
46ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa&tbid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&query=taboola_hm%3Da84f6002-47a2-45c3-8858-02495150abfa&isDirect=0
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912634.371191,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11578-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a84f6002-47a2-45c3-8858-02495150abfa&tbid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&query=taboola_hm%3Da84f6002-47a2-45c3-8858-02495150abfa&isDirect=0
tbl-x-upstream: 10.40.0.175:10213
date: Sun, 21 Feb 2021 13:03:54 GMT
server: nginx
x-fastly-to-nlb-rtt: 22031

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C1CF 0
239 B 204ms
54ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame C1CF
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=77CaAquxbvNA&ev=1&orig=trc&pid=562107

0
218 B

91ms
45ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=77CaAquxbvNA&ev=1&orig=trc&pid=562107
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Sun, 21 Feb 2021 13:03:54 GMT
server: nginx
x-fastly-to-nlb-rtt: 22031

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=77CaAquxbvNA&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-p9wft
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame C1CF 43 B
691 B 149ms
55ms Image
image/gif 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:53 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid: 3d2d8efc-8005-4896-8570-ce590b80c9ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame C1CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKC3rD7XSsYaCaBB_J_XyfU&google_cver=1

0
268 B

109ms
109ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKC3rD7XSsYaCaBB_J_XyfU&google_cver=1
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 65
date: Sun, 21 Feb 2021 13:03:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912634.206298,VS0,VE65
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19137-FRA

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKC3rD7XSsYaCaBB_J_XyfU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame C1CF 42 B
1009 B 279ms
63ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9:$UID
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:54 GMT
X-lat: Pug23008:0:308
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C1CF
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9

170 B
201 B

16ms
16ms

Image
image/png

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9
tbl-x-upstream: 10.40.0.199:10213
date: Sun, 21 Feb 2021 13:03:54 GMT
server: nginx
x-fastly-to-nlb-rtt: 22130

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C1CF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e9a93081-7207-4255-a71c-4453a9636e55

0
60 B

107ms
106ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e9a93081-7207-4255-a71c-4453a9636e55
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 60
date: Sun, 21 Feb 2021 13:03:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.518693,VS0,VE60
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19137-FRA

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e9a93081-7207-4255-a71c-4453a9636e55
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame C1CF
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

65ms
64ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame C1CF 49 B
333 B 129ms
129ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-p9wft
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C1CF 43 B
697 B 168ms
54ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&gdpr=0&gdpr_consent=
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame C1CF 42 B
233 B 362ms
118ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:54 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame C1CF 43 B
124 B 281ms
53ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:54 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C1CF
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3ca77f30-115c-42b0-ac6d-cc05dbb3915b

0
227 B

46ms
44ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3ca77f30-115c-42b0-ac6d-cc05dbb3915b
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Sun, 21 Feb 2021 13:03:54 GMT
server: nginx
x-fastly-to-nlb-rtt: 22152

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Sun, 21 Feb 2021 13:03:54 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3ca77f30-115c-42b0-ac6d-cc05dbb3915b
cache-control: no-cache
server-processing-duration-in-ticks: 1787
content-type: text/html; charset=utf-8
content-length: 222
expires: Sun, 21 Feb 2021 00:00:00 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame C1CF
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOKoZrMKRujmRLHn8HQJrAGEKpI8Yvl5SYMbZt6g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOKoZrMKRujmRLHn8HQJrAGEKpI8Yvl5SYMbZt6g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=01688cf7-d454-432a-905e-fbbdc8a426b9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELF1MEbW_0wWHNXUu7xwcE0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELF1MEbW_0wWHNXUu7xwc...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1165753542662815185&opid=apx&ops=&utidl=tech:goo:CAESELF1MEbW_0wWHNXUu7xwcE0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A11307411827&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

43 B
1 KB

51ms
51ms

Image
image/gif

51.89.21.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A11307411827&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 13:03:54 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A11307411827&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date: Sun, 21 Feb 2021 13:03:55 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame C1CF
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B4NopF1uB-eD8SqHO1oyYA

0
218 B

45ms
44ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B4NopF1uB-eD8SqHO1oyYA
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Sun, 21 Feb 2021 13:03:55 GMT
server: nginx
x-fastly-to-nlb-rtt: 26224

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B4NopF1uB-eD8SqHO1oyYA
date: Sun, 21 Feb 2021 13:03:55 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame C1CF 35 B
380 B 513ms
128ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame C1CF 0
155 B 370ms
123ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&_r=5676616
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 21 Feb 2021 13:03:55 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame C1CF
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=7d012983-8671-4de5-a713-36fbe1779cf2
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a84f6002-47a2-45c3-8858-02495150abfa&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7d012983-8671-4de5-a713-36fbe1779cf2

0
227 B

45ms
45ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7d012983-8671-4de5-a713-36fbe1779cf2
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sun, 21 Feb 2021 13:03:55 GMT
server: nginx
x-fastly-to-nlb-rtt: 26782

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7d012983-8671-4de5-a713-36fbe1779cf2
date: Sun, 21 Feb 2021 13:03:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ofuxico.com.br
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 06:30:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 110001
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11712
x-xss-protection: 0
expires: Sun, 20 Feb 2022 06:30:32 GMT

GET
H2 204 social
trc-events.taboola.com/ofuxico/log/3/ 0
408 B 48ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ofuxico/log/3/social?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%20%7C%20OFuxico%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=14%3A03%3A53.827&id=3482&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: nginx
x-fastly-to-nlb-rtt: 27418
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.175:10213

GET
H2 204 abtests
trc.taboola.com/ofuxico/log/3/ 0
210 B 107ms
107ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ofuxico/log/3/abtests?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1613912633845%7D&tim=14%3A03%3A53.845&id=8639&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 64
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.287723,VS0,VE64
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame B4E2 4 KB
2 KB 9ms
8ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/mercurio.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:22:01 GMT
content-encoding: gzip
age: 2512
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Thu, 17 Dec 2020 22:34:30 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: DyyPFfeUbJMWlTFw_Jlpb4eBxhbk5BNvNz74r_PMlHkMuxMXIWrw5Q==
expires: Sun, 21 Feb 2021 13:22:01 GMT

GET
H2 204 abtests
trc.taboola.com/ofuxico/log/3/ 0
62 B 106ms
106ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ofuxico/log/3/abtests?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~-9161828408549130964~~clFGpRhBpHwP%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.32%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_custom%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20Home%5C%22%7D%22%2C%22eventTime%22%3A1613912633924%7D&tim=14%3A03%3A53.924&id=5131&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.328691,VS0,VE58
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ofuxico/log/3/ 0
62 B 101ms
100ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ofuxico/log/3/abtests?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22enable_custom%22%2C%22eventTime%22%3A1613912633924%7D&tim=14%3A03%3A53.925&id=7766&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 59
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.395119,VS0,VE59
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ofuxico/log/3/ 0
62 B 96ms
95ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ofuxico/log/3/abtests?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~-9161828408549130964~~clFGpRhBpHwP%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.32%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_global%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20Home%5C%22%7D%22%2C%22eventTime%22%3A1613912633925%7D&tim=14%3A03%3A53.925&id=4625&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 54
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.432875,VS0,VE54
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ofuxico/log/3/ 0
58 B 103ms
103ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ofuxico/log/3/abtests?route=IL:IL:V&tvi2=1571&lti=deflated&ri=2d2b4ee4f7f27d2eb66584553f9ab8cc&sd=v2_581e37466c96751f826a3d127441d754_1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9_1613912633_1613912633_CNawjgYQ770_GJ7fwaX8LiABKAEwrgE47qgMQOjxK0j8ptoDUP___________wFYAGAAaOKmqpGyrZficA&ui=1dd8ad47-2d3e-4e94-b833-11cce28c52b7-tuct72bdfb9&pi=/&wi=-5968843560457831475&pt=text&vi=1613912633246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22enable_global%22%2C%22eventTime%22%3A1613912633925%7D&tim=14%3A03%3A53.925&id=1745&llvl=1&cv=20210221-3-RELEASE&
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 60
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.480666,VS0,VE60
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/ofuxico.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4361
date: Sun, 21 Feb 2021 11:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Feb 2021 13:51:12 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
667 B 52ms
52ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3980
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19137-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1613912634.970581,VS0,VE0
date: Sun, 21 Feb 2021 13:03:53 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 42
x-cache-hits: 3042

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
50 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=776334610&t=pageview&_s=1&dl=https%3A%2F%2Fofuxico.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEABAAAAAC~&jid=636997308&gjid=700073408&cid=452567371.1613912632&tid=UA-97689914-250&_gid=1039508327.1613912632&_r=1&_slc=1&cd1=Parceiros&cd2=OFuxico&cd3=OFuxico&cd11=normal&cd4=452567371.1613912632&cd66=1613912633960.m9nwghja&cd85=none&cd87=none&cd88=none&z=410648851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 48ms
46ms Image
text/plain 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1613912633960&ns_c=UTF-8&cv=3.1&c8=%C3%9Altimas%20not%C3%ADcias%20dos%20famosos%2C%20BBB%2C%20novelas%2C%20fotos%20%7C%20OFuxico&c7=https%3A%2F%2Fofuxico.com.br%2F&c9=
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame EE88 180 KB
51 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 203595
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 19 Feb 2021 04:30:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 04:30:39 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EE88 13 KB
5 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332571
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 16:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 16:41:04 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EE88 90 KB
28 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 208531
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 19 Feb 2021 03:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 03:08:24 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EE88 3 KB
1 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 235350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 18 Feb 2021 19:41:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 19:41:25 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EE88 41 KB
13 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332850
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 16:36:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 16:36:25 GMT

GET
DATA 200
OK truncated
/ Frame EE88 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc7990c20b5405facbdd286ebe233a98e7a2362fe5790476209958bccd07bb81

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 10310634256846271827
tpc.googlesyndication.com/daca_images/simgad/ Frame EE88 52 KB
52 KB 37ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10310634256846271827

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d03dc80c3d3f6af88d39db193c3a855a32549740475030804cc9716ca92e9410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:30:49 GMT
x-content-type-options: nosniff
age: 286385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53526
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 16:24:24 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 05:30:49 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EE88 3 KB
3 KB 35ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Feb 2021 15:31:32 GMT
x-content-type-options: nosniff
server: cafe
age: 77542
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 21 Feb 2021 15:31:32 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EE88 344 B
798 B 35ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 06:19:42 GMT
x-content-type-options: nosniff
server: cafe
age: 24252
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 22 Feb 2021 06:19:42 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame EE88 0
0 42ms
27ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXAGtU7YFNTuIOMN9alwR4fPT9vjNMaSK3-gyd-eGLP8MCvUBaZs2nxHIJ5QQjDGjk8TXF
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EE88 0
0 76ms
75ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtRgbOVoyYLfOK8fFgAe4sJuIBI-Rwrdh_OCxxJEN9PGB_pgiEAEg0o_GHmDp5MmF2BqgAa_3oNADyAECqQIBjB44NSOSPuACAKgDAcgDCKoEwwFP0OIr0VVZc4nuxS3C1stqbWKzdvnb4iC9Hc_zgxKGWGBCuRt0NgUdPM1906Z1v08inSi0r2kiED5CqdS9ypQPqTbvT5HN9ppVFtPhVKGotTVWJCJ6oDJYTfk-b6QOz9V9ZBzcXe_k1Wc8-cs0QCbtJyeSje55YhCDaMHfzuyhLWk8RxPtmlr7f1sQ_IIvf_M5Hr20cgNppAoCYOJI6gx8v-SY1n0L0AIgjkNtyUpojL-_uDFNjJ0y_TosS02J3fX7MFjABO_N9Zy3A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAetuKooqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEO2pAtIICQiA4YBQEAEYHYAKA8gLAdgTDbIXGgoYCAASFHB1Yi02MzMwNzkxMDk0MjYwMTQ5&sigh=-qrTuPCI3m4&tpd=AGWhJmsaOahNW5spEKek1trQ8xrXyQ6IKqJeNeeHkWZth5A5lg
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
423 B 43ms
16ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-97689914-250&cid=452567371.1613912632&jid=636997308&gjid=700073408&_gid=1039508327.1613912632&_u=6GDAAEABAAAAAC~&z=58902560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Feb 2021 13:03:54 GMT
content-type: text/plain
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
282 B 17ms
16ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-97689914-250&cid=452567371.1613912632&jid=636997308&_u=6GDAAEABAAAAAC~&z=1404148978

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 39ms
24ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-97689914-250&cid=452567371.1613912632&jid=636997308&_u=6GDAAEABAAAAAC~&z=1404148978

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EE88
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Feb 2021 13:03:54 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/ofuxico/log/3/ 0
240 B 109ms
108ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ofuxico/log/3/bulk?tvi2=1571&route=IL%3AIL%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 66
pragma: no-cache
date: Sun, 21 Feb 2021 13:03:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613912635.854723,VS0,VE66
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-Q050 200 container.html Show response
35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C403 6 KB
3 KB 28ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 21 Feb 2021 13:03:53 GMT
expires: Mon, 21 Feb 2022 13:03:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767901381048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E5F 510 B
341 B 24ms
23ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVF3nMdNkM2-GtG10_UzzP3ry7xBMofWgVOHmrcJvqm7tqAiHh9iRkIsmv; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Feb 2021 13:03:55 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame C403 111 KB
39 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Feb 2021 12:51:50 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame C403 5 KB
2 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:42:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame C403 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 10:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 10:34:53 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C403 42 B
110 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1S_AM_SLUgkOBLHXBm0CKmk6rY4VDEKHazbiBKaDhVBkRD0T7bIuICOCKgpXQIXdci_4pdfXkKy9al93D-ZnZj-IU2Hk9da3K5Rtdh36yU45fqVQ

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame C403 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:00:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C403 107 KB
33 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767888072973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame C403 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:04:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C403 0
0 18ms
18ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTn6NyZFy4Hr-xwkqZq_8Fl9-8aqJAtsp75YycJrWLRXaWIKWiihIns8ETA_nh-4GTz6jSi
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C403 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 12:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87147
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:51:28 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6E5F 170 B
243 B 50ms
50ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_sc=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1&C=1

43 B
1014 B

52ms
52ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Feb 2021 13:03:55 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E5F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDJaO3KXlsVSIQPeDytQxAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

43 B
894 B

51ms
51ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVSu8HCAXSGk0lkugyrmOFZm9s6-DUW8jjXVnK4beb-eFfcC242qgzpjjmw50maEQR56RxqLTYYPQgLJ28G3Q6Jn4ilkaBoxZXjVH93HMefZDJN4SqXhcPiNAr7-BhtGXsnIp6smWji1Jm9DJ4p03YJ54C4oerPpCVTj362edp9SVvdRykHcx3hsPMHp3S6F2BEhKSCazBJMnE6LAlyRAMPUV6IOQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Feb 2021 13:03:55 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C403 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9d2c3ae3c9483122b414519f21eb64bc4f775c4fdf8209b08c7a56747ed50dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C403 0
0 168ms
76ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEJEJY2fGrjivaClqZOm-rmSQgx_runHvNntc2NWi0l9viv6FA2XbbCEml7WymcTBZblUulgu0L0N0FppjN2TEMvarbiJM2DvehWCZXWSPA4bwG7xspg9g95Yv5Swi3CGHHYjAVdlwwpZK3fjXv-EBa6T2bnS-cHHZv53jIQEe-a1Wt_ExdXdlmPhUWs6R_TuD60AOxH6JhPBHyeD_M90TZmGBP8lpDsOwn0lgUGILL4Rk-TNqXprcyoVMQ_T_OkXjGLZrvHUI1gEwYvRPj1FyD5TLE2oz5ngrr1gzaAAB_K5HhmmqmzVhdK3PqA&sai=AMfl-YQGSspHwJB6sDEGsAvKgUTxR0Y4zQcbAMDp7HLdlt65mMfcXlzsx-5mZRL823N7QzxYNR1e1NBpDpn5TzBH96DLp8hCAj-eOyiDJ_jNjJPSWfmJwP3pO_EcAwJUBdWk&sig=Cg0ArKJSzC29Oi3j2RUoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BFE8 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Feb 2021 14:32:20 GMT
expires: Sat, 19 Feb 2022 14:32:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 167495
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 20 KB
5 KB 28ms
15ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ed1a535be2f9c8e525e472095569f2a3bb6d4eedf9285fa386faec35ef850ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/10474983248318800328/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 21 Feb 2021 03:14:52 GMT
expires: Mon, 21 Feb 2022 03:14:52 GMT
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 4757
age: 35343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C403 0
164 B 86ms
85ms Other
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJLI2ICPQG1J1v1xb_Zh3NPgIhra57Gq20wFWkA8Yw_qobQ4BaSQw4ktKJs_c9A9Doi_qc1999pHmtX-KuVLazFuitdCaEXSCQro-YsRkWiTzbLwkStXPQWzCq5vIlyLW6dVs_E7eyzIRMetrXn_enwP1i1VNxa11rUvaXbFDrIFNzClGvAYhuMu6rw6SKYTW6wnRKuhsUVkl4q8c253J7Rztzwo91-WhG5gI-gE1O7muo3AFXWinQ5lvk1MQ24nNv8maAO5kPbGXrt0L0D2skK0Ld4VX0y6vgC9XdLU0HuT3Ji-U7xycnmby1rIFi5WtuFA3nD8rSqFCUSbnwkcJzPFK3UkdKgjhJs_BNt4rQR8d8EmnI9GljsNcnl9-ZOtgxlP_kT3U02iAJUePL6B2MY8xQJodvtC1h_GsHS3AOj3lM5IPhlsS7mgroj9DrIIn40uUyyWGTglBaDiA8ABB05c2FHsbeD_4dhSrr9mG6AuEWSbOobOh1RS4KHFVPVuLEp1mtOxQqAg6fJL_UduHxFSzxrMUfPK3YyUNVbin0KgTpc8G8XFTdDz7YNknQNnCpxWYzbcaICcgQjFZ3KJQgZQ2jKPfzzEKSvCNi34_dWOJMA8O1_MY7aU16Kv4tGbv1f_6DH8gFoaBog-V4ohxYo9I7aNCNHshyOBjl3PlckqpRNIdMnZke_05HrVAGqpPYvGkRiTwKXidQyMO98NfLhRhBA2SfsHBIy01wWnxnwZhgIpVWNyxu5i6v06LdqCIRtHPiE4p556CWXN72Zd2X-v4oFbNtLl65AVDZM0TZ6chSWzlcjlGuYUoNVS19XPFR370pNGLfHDyRlqFl4yMPjaM9d8FEXy52j-UB31H3AOuqNgs8G-EtpKUadgzm3oDSurxmnScG6bjIiYrwaONomLlY5DIbWeg_hCURDBLNkXXwHczVs43PzWZiS25h4UqWG5t4sFU6WjXEOu-z15mTGnhrLWhdViGSxpqsn4kVMHjl-SBaHMWonjNfuNdgB3YU4N0W8u6xjLD6ffKoAg0OKVb2mYRkmMVg2G3CwPFQIMgRMiKMaRRY0FZi3Dp_oij-JcAcoLshxhKWQ29wXn61JY9abF4qfU3vVKZp7H4ht55Vs24IGI7x0yqnMpAHQnG05xbFwCpX2MzuDJHyFC7nARbZDXc4sXcwjPrk_yIbvTZXHcuj2c9RLuDeYqLjHrJndSEYXx-stiKMkWKxXLHQx5VFK6dMNnm88ovH1lTFSlKKasJsoMKeT5G2ujMDkebZwxcvCaNuoHi1ZhEz3nAWww&sai=AMfl-YQ9MxYqJgy5ngKSn5-wsxTzLsn5b9rl80XquuUgls1TcO_o1BlTQAgqCA5zFUUxPUksrTzvPspIkj2CVLW28VNTLIuP3NrP37_pDiMbac34LfLeeUdJGG26RyJ5sS5Dme1wEDLZSLNTNmnNmmM6lu8JkUlqcDTKON9T3DQGk9O6Cx--OdvBEQ0wWxJUMbBV6hlM97OA42JRht9oKzcYnf-eJI9D82J1Vi5qgSqdDuf-CSNsFIwLtnSnMF7vIJHnLne6cS8rSGyU5guKvV2PF8MrIWGUfp6S4mCnAzteJzt1b8NFCG6xFR4-36oItTvBgsc6puRBof2gKzN-01pVhAjXWOq9YHZw8kANzwnPIHhvQ_FPDpKfuywf7reSIDV-PzjisWrMw9c&sig=Cg0ArKJSzM66SFMr7X5BEAE&urlfix=1&omid=0&rm=1&ctpt=189&cbvp=1&cstd=186&cisv=r20210211.95685&adurl=

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Feb 2021 13:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 container.html Show response
35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0920 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 21 Feb 2021 13:03:53 GMT
expires: Mon, 21 Feb 2022 13:03:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame BFE8 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 14:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 80744
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sun, 20 Feb 2022 14:38:11 GMT

GET
H3-Q050 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7158 57 KB
23 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 55be500f0943b507ec4f21be5026b03f.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/55be500f0943b507ec4f21be5026b03f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce1102f198381080233adc8bc781e8bb702591af65ce45106d16ecb0a657a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:54 GMT
x-content-type-options: nosniff
age: 35341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3631
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:54 GMT

GET
H3-Q050 200 cf145d4cf038661d76153ba1a2c23393.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/cf145d4cf038661d76153ba1a2c23393.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8adf05dc6c6689b43d931ee770cbdc85f435d53421ebbd770c3eab4657987b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:54 GMT
x-content-type-options: nosniff
age: 35341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7709
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:54 GMT

GET
H3-Q050 200 18f45835028be85bebde99c658977a56.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/18f45835028be85bebde99c658977a56.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a3168fb2dae89d7647585fddd51d1d9330cd0bc12746394990c309485f1bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:55 GMT
x-content-type-options: nosniff
age: 35340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5512
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:55 GMT

GET
H3-Q050 200 d675f0cc5a0d6b7d7543288a6a96f361.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/d675f0cc5a0d6b7d7543288a6a96f361.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e46ec09df243dde27c6ed2b200e5fe824c8c2a50bbd1252af0ec341ec7df887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:55 GMT
x-content-type-options: nosniff
age: 35340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3363
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:55 GMT

GET
H3-Q050 200 d6b2d242c60a3e0b4aa2cf1d8ea94c0f.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/d6b2d242c60a3e0b4aa2cf1d8ea94c0f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91b8723264d4c75f524ada8880269d8c0dcec12205e01b7c57d725b1f0824da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:56 GMT
x-content-type-options: nosniff
age: 35339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:56 GMT

GET
H3-Q050 200 bfd4f7774a03ddc44a3d49a8934243d4.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/bfd4f7774a03ddc44a3d49a8934243d4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb1d1e8370ae75f80d60f936bd055c20fb1c75174a644c0805255a7bad1f25f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:56 GMT
x-content-type-options: nosniff
age: 35339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4984
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:56 GMT

GET
H3-Q050 200 69e7acb0d67c5e11eaa2ce7e36140db8.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/69e7acb0d67c5e11eaa2ce7e36140db8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04b3558fcf6a45a803e0261a9597d93ad42de503b23fc2d5a5185258d660e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:57 GMT
x-content-type-options: nosniff
age: 35338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1681
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:57 GMT

GET
H3-Q050 200 c09fab6573bd57a7041fc58e658dd8e8.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/c09fab6573bd57a7041fc58e658dd8e8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffe84113442ad457d66e76b4b668d1f13dd2df120e78b6f004e46624f2e392d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:57 GMT
x-content-type-options: nosniff
age: 35338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1579
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:57 GMT

GET
H3-Q050 200 e0158214ac70076ed0c660ddcd17589d.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 3 KB
3 KB 16ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/e0158214ac70076ed0c660ddcd17589d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

650b8051c41dd8f2560549eec64e2b79eeed626e3fbb2affecd1f41d333e1c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:58 GMT
x-content-type-options: nosniff
age: 35337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2633
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:58 GMT

GET
H3-Q050 200 1efffe568dcf4c9ad70700ea43899ead.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 26 KB
26 KB 16ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/1efffe568dcf4c9ad70700ea43899ead.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

488e3319c6241eb53a4e994ce490442086cca2ce20b89d8a5496365338e75f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:58 GMT
x-content-type-options: nosniff
age: 35337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26584
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:58 GMT

GET
H3-Q050 200 951fad353a7b73c25c8344e6640618e3.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame 7158 1 KB
1 KB 15ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/951fad353a7b73c25c8344e6640618e3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18d03264b62254ba4c1020f22b33705ccf03c4d802646beb7ae5f7800e0ed6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:59 GMT
x-content-type-options: nosniff
age: 35336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D3AE 510 B
409 B 21ms
19ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnTKHpEJeGfKjLuluRgKXjIVHMFCSCty4SpALV2LGBEW84136LKt4ZcpSrx; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Feb 2021 13:03:55 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 0920 111 KB
39 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Feb 2021 12:51:50 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 0920 5 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:42:53 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 0920 18 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 10:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 10:34:53 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0920 42 B
76 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVc_yR5SYM0iShkRWv5-CLLt0JMOyKtuDgaLbLRtjELJmAd4jza4OA4SDgNvnWvSowU7HW8ortIUemFPA-aqwlmz1t0j8qYkvS2ECzabyCcCR07lo

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0920 3 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:00:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0920 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767888072973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0920 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:04:14 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame C403 0
412 B 42ms
42ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4262409186531108&r=320x50&w=320&h=50&a=0

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0714 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 21 Feb 2021 13:03:53 GMT
expires: Mon, 21 Feb 2022 13:03:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0920 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244282
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:12:33 GMT

GET
DATA 200
OK truncated
/ Frame 0920 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a127d031674a6a1303c26c410c2afdfc20d82dfefca224ca9fed1a68c0312c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pixel
cm.g.doubleclick.net/ Frame D3AE 170 B
201 B 16ms
15ms Image
image/png 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

43 B
894 B

54ms
52ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Feb 2021 13:03:55 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3AE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDJaO576bSZJ8Xi7686RUwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1

43 B
1014 B

55ms
55ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGOCfjJ4BMAE&v=APEucNVQWG1ULm-fr6iwt7zahTaZ-cZtBsoV8_VIj2GbSwF_xQFCzG31WuiTg-9E2EXqlFGIeT0HqKY1i07cME8NmNKG00pYZfcwt_NOTeh8pUJL_PEbBbXAL7MnvNHCKdGSPepmBLboRz7fwfscpvs-x22gzSsupAW65O8pQgac8wlkz67Q0pfw4kcu6Y6EpCqtupTgtcTcrahXJeTCMbIb8HRNJC5h3w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Feb 2021 13:03:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAqfkvo5VsFTFDbQOjC7hSc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 20 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ed1a535be2f9c8e525e472095569f2a3bb6d4eedf9285fa386faec35ef850ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/10474983248318800328/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 21 Feb 2021 03:14:52 GMT
expires: Mon, 21 Feb 2022 03:14:52 GMT
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 4757
age: 35343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0920 0
92 B 50ms
49ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOpKxwZ2TdViQDjRkLSW9o6L2KfrXyx5g4NNzk6YiHNxynVVdvcIxXL_HmmjFYZKuXuvJOFTKB5UoLS7YA8NkfLjrL1zSAAPrHIgNR9bFk-ABwaqvLgRpR3AM6ingDQKXVRFHnCw1NX-WgAupfq_xoOHtl6numvk7ekXGl_QOYIFufR8oVPGlJMKb7j7kdGieRAObyAgPy07d_yzyqvrE_Gdl7rhn_cctGw97QaPc4ssetAGEUetRo9TWZuK2frvliv-Jez-E60ZD7a_jRb4dk42V9vmUYCHbAxTCRZ89GV8O_dCPVpjW9cwL34H774sDX9foF9FnbVH39y9HxSVhZOCGBQpSr3uG6YcaC5Di2SFV5AJFGeQzAreDJWIoBFdkfaQiwVGwHgKuYFmWCysw67hRyLPNoRqcIx93XB-lp2eO3l0Gr7NWry7_KWzNqHLQ520PB3l5G9kBz9jJfLsB3r5jPSwrFi1cfrEORw16UrOfkaPUVpo01g3p29mHqlqf3KFkdI3QvDSMmi7bAD4N8Ldkd1ZpNVM5Q5TtBif-_a0kgOBiHsK4V3VlzzfmlU-zt-CRvzaP3NIV4LArQ6OKOVdQGTjmjPFkidk_g0K6DVtQXfjL3bso6QASBWuR30BRWtfM1AskpqS2bh5nuw8uGDaffJGKD0uEHrVbRAeax3Ug010qtC1_oBTj1Dw8N4ybouW7wYSRkMqZ8iaOzEr67O-v6Dfy_AQ0WQNBdG3mijVTOKgrNjM7MdyjD74pDhtmRm7Fgi5hajzrKm5VjLfRboyJx9QE12t9PKrD7vLRQ-8QnGniLcE2AR-Fyee_9CWd2RJBI1O09MZVZxUAqDnk7DRBfcRj3ikSRnit1YJbpTrWzGt_z_3Q4hxClN3WbAiStVCp_FuARIqpRcT4DTU-6Pt6Up95ncGQV9FqHp9zPpnPl7ahPQtgmmxIp1GJutQJEhNzC8fWt0SiVFBh29chSm5Wx5O4VWCQ3H0oIsdqGrYV6JSDfTuBQSMe5wQhWjzQwBNjZxPOvdmePDPuG3XZ6BFR8Uc_MTKU1NF5XbO6qkxmlLz0em3YME3So-mSYN7XJhS3-QaNSPZ51THzkpmAII3jNMHz_7jUfQQAwN24WWkIjDns548dLXIlJDG_DvOOmy-zGnXSUQnqgYEVtDkvHA5BNhcwODWf02iZLO93D4X53nVAMihf3t-YMXi0HUsXf8j0Z79mCZ3Pxsu-NuFLNOd0ruItCN07tjkXIHWIrXsLJACnFlX9Lp_XXnjty6O5nhQnkNHTM9r0&sai=AMfl-YSXX9HTjO4gSLsDNi_X32guSXbCdN-AnrpJCqOOhXBiIpjAxdroUu_fihEMrmUYd2An87_IgkiFnDkWBQcpB2DYe20GUU_XOlYMqeByZWh3X2Yi5IQQ-LJWdrfJDJ-Ww5bsUAjSvAH8MLn3L128YR3kZOf1pLf91RaW6WA_SZBKiaSgndWQW5UjnLG5eVI7GRDLEhgFRAXA9MZ5688vpYMhJYHd2eNu4WNf5sRX6ZHh2RmIGs-xPwd6BIyK-7EJm5B19iHo2DLbBfZwueYEmIwNMAX98VyRaAawMlZaBtsjNSU8wDfMqKUslZO3trpTVVkQvJrmuRceo9mCFaDtqquNvuRhYE5Bf4wLfAq8lsjRdNww6XSzPqqX3At3g-_cebxa&sig=Cg0ArKJSzGuYoepXcNtREAE&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=135&cisv=r20210211.26024&adurl=

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Feb 2021 13:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0920 0
0 141ms
91ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr4L1fnbS25YtWkMGmp3X9aIIKRijcTvtZPSd9J1V5iMHVddOxJ_F4zuhAT0IcxuP1HDNSe77vi5COrF9puPfdoJMKzl0v7TXT4QLiEOOMYsTyGZaB_M2wYRDp75kGBHtpo_GaRcZPIu-dEH0_AkfBcS9Rkj_tCjP7xUdSb6-vy25cm_yQRQ3wfoFgsuhYOOVrWsbOAFkelQhFCgaYPWtxa1J66WjDN4Ms2MrAvJQ2oWmIOXooEs1R3KVmWlllexSr5oz3qJMwfL2FsDDnBsi6G--_LRVFfbcO_XLHSBqdlRZteOnSUIpq_C-sIA&sai=AMfl-YQMeEE68YIHntj-BA4_Uo-UT13NuZt5P8i0ZezIRxFs8dpuUjeZLK-KsWkuuJwl3tlKQ0zihXSf9CD_G94FQfNR11yBsk66QgkpVuqFnBQjOxHPpw-awUK-DX7AMZk&sig=Cg0ArKJSzL2fIlbyjiqyEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 805C 631 B
325 B 17ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnTKHpEJeGfKjLuluRgKXjIVHMFCSCty4SpALV2LGBEW84136LKt4ZcpSrx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Feb 2021 13:03:55 GMT
server: cafe
cache-control: private
content-length: 300
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 0714 111 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Feb 2021 12:51:50 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 0714 5 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:42:53 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 0714 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 10:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 10:34:53 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0714 42 B
105 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B98Blmnc9YDp1xVzbiBLqFaZs_WMVfpka_1J6FyVud3iPMpqyYR96DiMpG_QmGflUtxnmUR9ex2mWCqPDppNiitTWtP8UZLkYeCu66k0et7sF2mWg

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0714 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:00:03 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0714 107 KB
33 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767888072973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0714 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:04:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 0714 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV3RobdARORSMg8A637EnUrDkZAcCV2hN9eI9iOjgg7lm1opFre83EPguYU8uUYvheFpDO
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 85F7 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Feb 2021 14:32:20 GMT
expires: Sat, 19 Feb 2022 14:32:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 167495
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E7D3 57 KB
23 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 13:03:55 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/sadbundle/8733578000215101729/ Frame 4158 16 KB
4 KB 10ms
9ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8733578000215101729/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4466e5b96ce9c662ce1559cbb3ff9a70486e18cd56d0010fb4e87edc03353473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/8733578000215101729/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4067
date: Sun, 21 Feb 2021 03:14:25 GMT
expires: Mon, 21 Feb 2022 03:14:25 GMT
last-modified: Fri, 19 Feb 2021 20:44:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35370
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0714 0
33 B 52ms
51ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss76YZNcnBhQ16dEfE3GcYKNJL5UExoNmEdlsZpNJ-GUEZqb2SVQobQCfYLJuwicNVyZrcVLAjBmIH4opQLev4Kpwrhz82CK4oHwUupRHnhMIs9ygt6cPHtcNgv30VMmRLytuEh34qfe0de6pFLGmmrRtvXepnFnbyyhwbmKL27Ns1COZ62nhuOAAt79kTZ1piAp5sdMricAmFGsftdgS4AdCMWrz5zXhLTCu0rmHEc_7YxNoUa1yEzpOagZuXaowSICFi7O_JcHstSpUvAuB4WvYu2JmLGWzxACMfsvkGNazEZrQzrJgcsITdMOIEvB-BxOCmTlWh5w6b6QYAgL_vUPH2JukaWJAuucZJsOJJGVxwWo5qOTxcIYRjnI57dMFPdRZ7bpv2LdSfxGwDJBJH4CCgtO9MYtLRuUDBICu6ytXZolPzkNKG9F90b_4UmxCTxL-zqXOCmaBS3CmzObJ-uBRSmREbfJNqccdSAlSmtVZG9E6xIy1mo9mg5GAdMFZ5f1QTbUC3hIcVJ6kjoDhLpBlv_b2ngvvse5ygjt7Qe2qfNsNOGUcgZ3FrB-b9JeievUV5LYpjbloxRRl9N0L_ulCPkb5KFx2lFpeO1qSK9euOtFEV2l_RwGtBZBiDALtbzYe6YC7nCpcKu-pq7-r-ULUrB7o7uyz7vbcLicvkGxnb0t3nfEFc19JPdylrEXYV9Ujr-vSw0LcALD7Bpfe_IexgVGXlh4gIrmiarPdUckvSLhCnbUBVnYP2-qwiGfh9MQjJ7z4FmompFwzqMVyu15QeoVBPN1a3KWQh5f9R0aD8_00UIR4CLbSgC1USLtcleek635a66_rw0I_l_Lqy9to0NbM9z0TgP6CIVUj91LDsdMnH6Lqg3MgDl5ZEDdtuQWXTqHq0tTp2J1sWQo4ep0aJTNy7JOH5SJ80uvAu861pkuEAdIjE_CV7q6hnqO7FzeRJPI9Ok8l9jAMZxGhYwPCqkGEN8mIKPmS9zx5snkVdqtc7Ys1CexZkFH5LLkZ76QpxPCnjPIBr28UgY6Cygm0e2Y059LusPAH390o2Sq4aJiyRmP1Cus8kqTXebiwQCBpuOBKPK0QP5fhdhMwh0CJpDbENvDTLddUegeE_Cl9rHhisOWaAkZr5Emxdl5ZdTAaew7FO6ecMxusbUQNL3lAhwj6oP11JV6WU_4Ln86vBjUt1hcbsdjZnydmEuHxAKadv-y5bldH8f_wkQs9QHKOOu2DLhVTsq6LuDZmFbxvRSDQE4D6C8-gjqjeIcqPVp4ow4QTXKGsXkzLCVqCSh&sai=AMfl-YTcsyPezObOxGV8qBjSdZCKgApPu9ihe67BPxVLMFP2pX7d4jhZ6Qi4QAmFcpNVzwFGtLyDaxbu4VHJKLn1jgv_e3vxF3EDpRpulvzmM9KxQxoj8ag93gn_zkpwMK-NFEUWSm4_Vf7g33AhrkOPDit3JjNlsXx2VUjsxot_fBqVS0dr1LMnGbqqbIH4uUV8uwgkH44W_8FnZojzHjxMPSSWZ6qUOD-TBOjcYg0TWWUCCChHUP0nlvj_IFp5SCAJOYNesApP19y6gSorvdaRrT-RrAgdGPO5YKJULyjXGYD14uz_KxMTi15kzoSZnyCV1DIWaaOLwUWbz2CiSpjE7RXVfk1K4JgJv66wvtYBfifqxBSLDIcmbHkswOr-jzbH8ocSzfUzwH8&sig=Cg0ArKJSzKwsJogEj8qeEAE&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=44&cisv=r20210211.53778&adurl=

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Feb 2021 13:03:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0714 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244282
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:12:33 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 805C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECFvA66VqHgby3wSXRqkQX8&google_cver=1

43 B
1022 B

56ms
47ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECFvA66VqHgby3wSXRqkQX8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:56 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.57:80
AN-X-Request-Uuid: acbd213d-6df5-4d3c-a0e1-e0b57d449772
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECFvA66VqHgby3wSXRqkQX8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 805C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NTc1MzU0MjY2MjgxNTE4NQ%3D%3D

170 B
190 B

19ms
15ms

Image
image/png

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NTc1MzU0MjY2MjgxNTE4NQ%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Feb 2021 13:03:56 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: df0b0628-4dc0-452d-9cf6-d9a794228505
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NTc1MzU0MjY2MjgxNTE4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 805C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1

43 B
172 B

58ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO7GbNtcUaxWYxO-A1-uIOM&google_cver=1
date: Sun, 21 Feb 2021 13:03:56 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 805C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjRiNWVhMDktMjQzZi0yMDgzLWY2ZTYtNmY1MDZmMDY2NDE0

170 B
190 B

18ms
15ms

Image
image/png

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjRiNWVhMDktMjQzZi0yMDgzLWY2ZTYtNmY1MDZmMDY2NDE0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRC31PQCGLOPjJ4BMAE&v=APEucNXb7RqvmQvw8xVsD1LvRPamRfZT5gx5bxv3sd6k5h1bmwZe8bsV_aEMuMdCm7z66KnWiMfesOjNyTfPEEASKe_c_vwc7WVz2mqYjxuxHc_VXC6P4qjnggTixPMNQARHT2z8pVYMupm7k40DFhYl5fi5t4joJ3jVx-jD__dCeroMoGoC1hzT34cOjH64e6dxAR3hp1jQiwwj1WZJ4iDEi2XCCkB9zQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjRiNWVhMDktMjQzZi0yMDgzLWY2ZTYtNmY1MDZmMDY2NDE0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-Q050 200 55be500f0943b507ec4f21be5026b03f.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 4 KB
4 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/55be500f0943b507ec4f21be5026b03f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce1102f198381080233adc8bc781e8bb702591af65ce45106d16ecb0a657a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:54 GMT
x-content-type-options: nosniff
age: 35342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3631
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:54 GMT

GET
H3-Q050 200 cf145d4cf038661d76153ba1a2c23393.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/cf145d4cf038661d76153ba1a2c23393.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8adf05dc6c6689b43d931ee770cbdc85f435d53421ebbd770c3eab4657987b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:54 GMT
x-content-type-options: nosniff
age: 35342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7709
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:54 GMT

GET
H3-Q050 200 18f45835028be85bebde99c658977a56.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 5 KB
5 KB 8ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/18f45835028be85bebde99c658977a56.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a3168fb2dae89d7647585fddd51d1d9330cd0bc12746394990c309485f1bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:55 GMT
x-content-type-options: nosniff
age: 35341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5512
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:55 GMT

GET
H3-Q050 200 d675f0cc5a0d6b7d7543288a6a96f361.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/d675f0cc5a0d6b7d7543288a6a96f361.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e46ec09df243dde27c6ed2b200e5fe824c8c2a50bbd1252af0ec341ec7df887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:55 GMT
x-content-type-options: nosniff
age: 35341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3363
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:55 GMT

GET
H3-Q050 200 d6b2d242c60a3e0b4aa2cf1d8ea94c0f.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/d6b2d242c60a3e0b4aa2cf1d8ea94c0f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91b8723264d4c75f524ada8880269d8c0dcec12205e01b7c57d725b1f0824da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:56 GMT
x-content-type-options: nosniff
age: 35340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:56 GMT

GET
H3-Q050 200 bfd4f7774a03ddc44a3d49a8934243d4.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/bfd4f7774a03ddc44a3d49a8934243d4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb1d1e8370ae75f80d60f936bd055c20fb1c75174a644c0805255a7bad1f25f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:56 GMT
x-content-type-options: nosniff
age: 35340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4984
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:56 GMT

GET
H3-Q050 200 69e7acb0d67c5e11eaa2ce7e36140db8.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/69e7acb0d67c5e11eaa2ce7e36140db8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04b3558fcf6a45a803e0261a9597d93ad42de503b23fc2d5a5185258d660e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:57 GMT
x-content-type-options: nosniff
age: 35339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1681
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:57 GMT

GET
H3-Q050 200 c09fab6573bd57a7041fc58e658dd8e8.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/c09fab6573bd57a7041fc58e658dd8e8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffe84113442ad457d66e76b4b668d1f13dd2df120e78b6f004e46624f2e392d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:57 GMT
x-content-type-options: nosniff
age: 35339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1579
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:57 GMT

GET
H3-Q050 200 e0158214ac70076ed0c660ddcd17589d.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/e0158214ac70076ed0c660ddcd17589d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

650b8051c41dd8f2560549eec64e2b79eeed626e3fbb2affecd1f41d333e1c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:58 GMT
x-content-type-options: nosniff
age: 35338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2633
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:58 GMT

GET
H3-Q050 200 1efffe568dcf4c9ad70700ea43899ead.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 26 KB
26 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/1efffe568dcf4c9ad70700ea43899ead.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

488e3319c6241eb53a4e994ce490442086cca2ce20b89d8a5496365338e75f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:58 GMT
x-content-type-options: nosniff
age: 35338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26584
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:58 GMT

GET
H3-Q050 200 951fad353a7b73c25c8344e6640618e3.png
s0.2mdn.net/sadbundle/10474983248318800328/ Frame E7D3 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10474983248318800328/951fad353a7b73c25c8344e6640618e3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18d03264b62254ba4c1020f22b33705ccf03c4d802646beb7ae5f7800e0ed6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10474983248318800328/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 03:14:59 GMT
x-content-type-options: nosniff
age: 35337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:44:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 03:14:59 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4262409186531108&r=300x250&w=300&h=250&a=0

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0714 0
0 77ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssarZjKxU6FCmFZeTZieu2jTTHwvQQlYxDRQ6ijCzpQjhZnXoAcExw7ojQmoW6vYgxK_1gmC693Z90XampA0IeI6bIj5M1kQ4i8VA2okC1cJF-LiuKr_eDz7PFig2HiLDazEkvRu8ZiuVyGeqk3n_VD_kDGe2qwtJjfxj6BLKDdRWiWiQrpx3EfGL7inb1h80nj1iUZ9kLiAfBJ0XfKEWYC6qFXedgyWpKC-cw9tSWS0oCXfDG4AAAiwEJqT7FTFzY87h3VZTJuwpCiouNPR8EoyukKiX5fWB3O9FtM93H90yeS7qO5B1JrY1xyVQ&sai=AMfl-YQuRkxP_gDsoPLgsxPshh404igSB_8qCUoA18ufxP_xrfmF2WW4auAUMMJitM7BekWM-ZuqsKbH7Pz_RydicK6sbAeyKFGO7lf9iGjhR4bTjd1H9F3kfSUfQPM2RQ3q&sig=Cg0ArKJSzHFu-9w95PaJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 018E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Feb 2021 14:32:20 GMT
expires: Sat, 19 Feb 2022 14:32:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 167496
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0920 0
22 B 43ms
43ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4158 57 KB
23 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8733578000215101729/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8733578000215101729/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 85F7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 14:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 80745
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sun, 20 Feb 2022 14:38:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFE8 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiKyYO1oyYPziBYKAgQf9w6_oDwAAAAA4AeAEAg&bg=!ycqlyonNAAXRs2QT0TsAKQB2-DxaxeYMmCWcNs8RnpsmQk-JxTBWiobjoexKb2-d2TnOOhQbxVF0AgAAARtSAAAAHWgBBwoAzBUQiTiyATBRAIw6mLMGJCIdfh3Aq0LXczsbTAxS78aibGAKCvIfKIRQtDTFUqHrDsClGleqSN0EGxbvAnPwCHyRuySzgk1e-qZ4_lR8P8UtTrxKugTe5dAmGtlS2IBHiQ0NioJLOruJJEACZ7HZNUB09XkEsPjptNY97uY-EJqlOVhe-DvgjlfEuBinmlgB8QwwEY8bSTCIo_3bT4oBA7N-6zCwhq-rax7yO9NzafE-q47imObB60gadS2LjYI5vk5X9HfqMsoraCqTJJkCadtZxrjw1n48hPWRhdL9Xxa5GWcsjYTo_CUpO5Un51snXDGZa7QIBjDUYVywnKbs0nYgGproafbyNIdiP_0ctbEHKCD8Bu1FPdWwKf3XMUDr9PsX_lQm1P2dwq4glXqlH1NiNq-SEm-2boYa90FmjXddhEO-1CowUtk7TLoZT_cvE3vzaAwKvx376iSCxMaTlyBr84yztj3-k5jrNUrwCKKEnhUr6TxH_984TQbYnN1qOV-rwDJZVUgzMAut4-970lLvS9ytGh2xkfFH9zxhHKqpyFDS9QpCwtN8iC5K-dAZPlo9sAMoz5AXApdrG-Zuj5iFI5u8PZ7Eq3wxNPWFBBDX0_8UIyF2aaVeNs9mFRrzFIrJQgi1D80Hm4OOtk_ib3Fjy-PSIaXAiOSIP2rPunG8zOYRmTNgQ5kgyZDTfts9tuT7s34c66WD4rXP49aHk3DetmglnvwhXfJhiCYTqq23Zgpecf2Y8FhF89mW6hd2wwcegMHIk04jgk3lUCQDM5gqaiNPvHZ5Gl9CyveHg_JWnjwxgaD3BLKn0DuWq9vhuHnmnsxpYo291CqhLuRDmt86zHMg53MOZrpxnzn_1NCUCDzB-mGHJwTGO7iazjuPU8i_IB4oqy_dy_5f2nBvqE_BmGIgUg2YQQoxazXzGqLtgw7Yesc10TXHEX-W7LHitH8fpGSMu6GwwUtLC3zEOHvThRiZmQ9KvaTyeLUJt4NDUX0tHSVruR1dvz5-1Tu83fjUenwRCHq0wqt1f-QhaP2NRxnk5Q3E5rDDBMlTEFN_MJWlDNuf9KKAkNiJNgrblNEiUfRpmGUI

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0714 0
22 B 44ms
43ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 018E 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 14:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 80745
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sun, 20 Feb 2022 14:38:11 GMT

GET
H3-Q050 200 container.html Show response
35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F714 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 21 Feb 2021 13:03:53 GMT
expires: Mon, 21 Feb 2022 13:03:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F714 0
0 76ms
75ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqYtLPFoyYJm4AtCpx_AP1v622AT-0_evXM7PvdjqAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEJ4AIAqAMBqgTEAU_QvbKtjMdd8uVIqWXTV4pVMlPyn6TlLHVWrGcgILR03R95D3UYJ81_Ojca5HSCDQnt8CS07HVdTZqZA-YJmhqB9FzEywlR63AOPVRK_a6H4M9rZpckWNM2t9UnnNfdiZ3ZfaX8fPDizCZRYCwBXuyF33VAiby33nEEHHB9n2nsiRAwedcF9vz5T_p2oY6F69AfAKAa9MI382IzyqIizZU7KW2U77yWKPRSsMiZUv0zy_qygZ4qWXkyjByrK7RZUdSHgS7gBAGABurHs7KunuCN3gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgFAQAYAKA_oLAggBgAwBshcYChYSFHB1Yi02MzMwNzkxMDk0MjYwMTQ5&sigh=ROtSa7Ms0B8&tpd=AGWhJmt9jrBJo-_4cOiqLCOm4rb7i2mu5UiRX0kR8NPLWXeCLg3GONLCDHU5WQNtYBdg-DAdjqWgpfy9T7M-x_m2FcxzZk438Zdnsgedy8Ej4jBMPOHh3XIjpTCkSjqKX6xm7eGht-azJ6_r0xFmx0EUEy652P8jxFYT1MhQEfs8R2a9ExdPDTvBgwY9oJfjaO8yeKr5BiQOZ_JJbKir3-KXJkCQ_2rX2eJZFvrpKZjXWveUxlBvOWLZYilyloMbpoC1f-XWXCauBjsbYeSc9K_tdTO49y4J9CnDP39lZ0nt9pnFQzM-L7tFuM4Nf3U5KMbLx2Rtzgvj1UEdJ2cAfVHffDkmccXbFRys36WTQAhDqloI_sXLI5MBb20NENsm876JXKHM7EIZ9ch_xeDRS2QxmApDbQ2hOmBEjmWWxCL0XKN12anyVihBnYCL7nGkpoz0uoR-flkgjxDl8iAEIfITF-sJYDpdC61JSTbQSadaiBRc5lU5qCFiYxPoHFSy7KnVa2Fg61gnUefYtzSA1H0gbsqruunJYFDSTWXZXr-Z3Z9cTgUCWkJOYdZadCBgJqUTpSHb5A2qy_3QUkxjMTeC706Vnt37kwvBFpil3ncjK2Y-4jBoxmWYFENrq0c-4npLbK422yCl-3TZzXWJ_cDF_bgVdPtGfhbbuRM9ICDXL-8cxBVQ4AAsSrj8dGWiQxgLu-7vwQLOs7RHuBQVE-RhjIXZJtxZ--5ePtGhSK5H_gRryQFI-Y2INZRO5Bi6L0bvg8V6oX8h1EREVCUTi-NVIA
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F714 1 KB
1 KB 167ms
54ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43979663;rtbwp=9A9F73DE8B1DF530;rtbdata=VuGAB4QUI5twEKJqycwdgURGQQTgpRT85vnqbyRUpnD4-9QTZEndb9IjJeP07gl9jUJmaJaJhCwHRm_VWFYjrlajTAto74YdYqocDgpFSWqeNPbkJ-QKpGmk3iL55Xq5IRcpVzxsbdGi3bnz9orG5hZANRG08vOfN0emMd0A9208ffzHPpaYBGJPQYTjuvsWDU6JjsSRT6FIGepeP78BWerAjnerPjSZfx1_YPUTRfTlxJHD042glHn1vXMqXDnTZgzJWlwAvM2lXby3Aopm-2j8TZo84rWC3itAqBQ0BuW1Cdny7XYX5LisCf5IhA-qSkWdgYcPc0wepiCej5fwYDv_8CqpXEwrPpNYoctTyrk_iFYw9FsTTM3IUuK9meyrJxx1XQg3IZZbQR8sLC5T-HhLLgS4efDp9IWN7H5tA5ThQW6FXjSrzw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/34b65537-4aeb-48ac-8aa6-48b85e02eb6e/

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

61c5d1d62fbce85b2e74928b19024cd4b9ec0d1437dd91aa545cb03da1bf521f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1197
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame F714 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:00:03 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F714 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767888072973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame F714 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Mar 2021 12:04:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F714 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGwdyg2nxPhA1YSsyDYy5KFDKGRL4-k3ne2qmDRZNaMWYFYQBgxLY4QfTUa3umeBEUaWrH
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame F714 24 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244340
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:11:36 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F7 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba7eHO1oyYMPWFtLigQeg1ZygAwAAAAA4AeAEAg&bg=!_v2l_b7NAAXRs2QT0TsAKQB2-DxaDmlOt07KplwS-9cI-k88SUFrqnMRTgToa_BzsMkf02KL0VXgAgAAAM5SAAAAGmgBBwoAz8_RgvPTETC0b3MYM53FKYtiUKlKcd2--ge4ky0CndMjl--BWZ3nKnT2xBl7rwzknP2ktgsOIhgwSr5JkGvR0KlhBsEnuzTj4b-m30fj2jNp-iypJexvBymTCZgENK3UvbKX9Uu_EphDFxwjiwN9N9LlmNwwZIRmOnRT5SAHh94zaXmI40l-3eYt4rwnfN0Zzhymhzl-tWpoi5x5U_Q9eNh8iTo4eu2IZLbkRIVWbmsw9TSki9Mw73cIOyHcf0S6gInjOnGcc-c-TY9_q1p0t5kCaSt6lt7iWwOr9ug4QNRkfZoHgiMIMRdqY55l2FjrwV0WPYUw9Hq3oWrw8yCMsFaCm7HTUrXOJcolYecRKo5cGjfO-dAmaBVJyUa37kshxt1FCEZlhAI3aH8sHffGMITL1thqG0oE2JbQ6r93qUjvDgxEXYOBW7GNOMg_UMCZQ9gXWFkcv5ByAhncUFC1IRuPg0MODh4YZCyVTfALa66zBAqdam7Tl1up2IH1kltlHv5o7mdu1IS8H2WbgBP6QEKSNOexwTbVBOoiz4Lw-X80jhWpxwd-8pybgfnxc3Db9PgIKY10xTmrrPFtFrs4LV8viLpaMQMg5uXCMJ52Bgo91oCw5StfCi43Q0HzVq2AnfCXZFcWtn25WQY-oQW1Ur94ZJbpKvVOxshSTVm8xPkRTZPMjEOkoVqG-ZLl_zlAEFAJRmxjOyJPH69ah0HJtP1buOWQcudIPeLqFIQdZpmbkat4qNqAlKVxa9uQXJ4qHbnMB8TjRJIuDbbEOBAM7RSW8pbmqr5uF5zEW3o5OZ_5BOlTUs_eW2oOL_qfqrK9AJkoV4qJSa0TFkTOxiG8y7nF7J-AiGnZYT8hNdfOxCer0w0CvHKGDXpDOoxAU_FOfKOIfGJ2qvaHczYQm5UIruVng4LRLmzOIkv5ggoGqQjKJzV5M_HoWNK5LOO89OvaEfsay4JO2uy9Tue9kLKlnJ9Sciqdog3ou-BDlssW71YAAjo7hPQE-HeKXYwArOYPrq9LuL5EsTiIccGvolRQSucOnVp0v2kX2zQcP5Ppz4jtSwDVuVrGsDxcK8RqTqVDa5-gNk9t5pZ_u-5L

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 018E 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3ctYO1oyYLerKdDx-gbNyp34DgAAAAA4AeAEAg&bg=!JCelJ2TNAAXRs2QT0TsAKQB2-Dxa8awu_qoYtRPCgpoSwF05p7_Ej7bwyLSrZVg9ty8BD7TRaOcYAgAAALlSAAAAD2gBBwoAPCfOFGU37waawP6dxbFesLuH6apXxSCkrem9uCh4-E-t7_QqclWq7hHOy1IAgRZOLe1meqXyeWCyuMHZZJkCVpgnQgfvak-r9_Y2qXLk7Mi0GLfcuPHfqmKjmk7XYbmxj6TvX-xNxFfn11u-FggEfChnCkj0tc1vAyaXru5_pCJMU6amiyzUuv4VrkYgHz6jgPTRU3aUoqWYPehL5AhDd0DwP6nz4pLCs4FRCcWBRKbPe4f--m8cM-YPn5FM4OHH9m5qNtcts5y2ZDhIBJdROGmEAY0V7uU-CiEBXs_dGaURJNKyxHM6FDPON6wRQEbUq1-11YW0qNuiuD2VlfgsokjltfxkdJQzpoOxNKrdwhYribj7b1uVfipv_vDz--GgCtdJ0vv0O-qoIgtIKtyzWX7xaia9qOTkDqO7qpo4zRJnzaM_8KkybHT7UHJq4liKnSTU8C62dRha0GPQZM12gT_s_8tAM0X64U4MBVUJzJ9Vv4tYVoP9LvbtQE_xKCLI2HF81pX1lZWgbpTtOdCIgEpWIJ60dcAjE4Epc8l3v3OPbIB5N1xqqMCbd9HtluU8Qvr0My9J2jlQEs7-GUTzXKh_IvL_eVbAnTtfqqK7MaNjgM8kPMfgZfrFMHSSn01YtWspPHjbWs2ukpSRAqyJgzJi3JDaNC1j0CFRXD1BGXwhitqqa-q8y7DVYsm9tl-sT5HaygDzD0k6g8rFX1AX0EzAgqOL-11nY4AsZdteqamD5fY5kAjqqsGpruwuQqJrXruXUY_OB6chECyP7ds3LyK-n8grhw1woLia-Y3tRgc3X-aAcUI-XFVRlEXDCEt0Vw2FAvafdOSgWzQBsF_ON_zNQrK45e0aKRoptXGnVKUItHP3q_w

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame F714 34 KB
16 KB 166ms
56ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43979663;rtbwp=9A9F73DE8B1DF530;rtbdata=VuGAB4QUI5twEKJqycwdgURGQQTgpRT85vnqbyRUpnD4-9QTZEndb9IjJeP07gl9jUJmaJaJhCwHRm_VWFYjrlajTAto74YdYqocDgpFSWqeNPbkJ-QKpGmk3iL55Xq5IRcpVzxsbdGi3bnz9orG5hZANRG08vOfN0emMd0A9208ffzHPpaYBGJPQYTjuvsWDU6JjsSRT6FIGepeP78BWerAjnerPjSZfx1_YPUTRfTlxJHD042glHn1vXMqXDnTZgzJWlwAvM2lXby3Aopm-2j8TZo84rWC3itAqBQ0BuW1Cdny7XYX5LisCf5IhA-qSkWdgYcPc0wepiCej5fwYDv_8CqpXEwrPpNYoctTyrk_iFYw9FsTTM3IUuK9meyrJxx1XQg3IZZbQR8sLC5T-HhLLgS4efDp9IWN7H5tA5ThQW6FXjSrzw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/34b65537-4aeb-48ac-8aa6-48b85e02eb6e/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:00:38 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Feb 2021 16:45:20 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C403 42 B
725 B 69ms
55ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvg-OCZwyGu_TqzAGmnot4j3q8rq4-3h8aGSI8tST0U_sHQvUD8lwKH8KBAEDMy1-xiiBsIR_obfuzUSYb2ZCNo4xhGAKk0tAAueiLQFO09TevAJbdZYYsbpGSsZld9kdyC4yT2BMkNngnqq686vT7gF146xBk2Tg6YgxzPwkPrG8f0tnUkxtOVMkeu-0n_lvQsLyqXC1zcOAFnKCEqjQcL4o&sai=AMfl-YQ1t9pOmXg8gBnn3YsJ3f2q4glVPfLDtgEKG1ds1HCrHgNu-B4c0y1O7ibdLFFLDtc0LDWIOF8ti2UFffD3xytR5P2AovdkHKFfpuwCKC7A43tVGnVFgv_ypvJGgMoS&sig=Cg0ArKJSzE7kFGjYbJoUEAE&cid=CAASPeRoOIMtNWG4lhWMDZwg3J3c5Vr3UQxvqDU1plbBmc9TnFVH1vk8lGg5bzEyv83J4lCV_u-2JIzue6ntNF8&id=osdim&mcvt=1000&p=135,315,385,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210219&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1508456601&rs=4&met=ce&la=1&cr=0&osd=1&vs=4&rst=1613912635428&dlt=28&rpt=195&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
s1.adform.net/adfstub/ Frame F714 49 B
270 B 56ms
56ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/adfstub/?url=https%3A%2F%2Fofuxico.com.br%2Fadform%2FIFrameManager.html
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
last-modified: Sun, 21 Feb 2021 13:03:56 GMT
server: nginx
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, private
expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H2 200 StubHelper.js Show response
s1.adform.net/banners/scripts/extra/ Frame F714 46 B
342 B 55ms
55ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/extra/StubHelper.js?bv=620
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2016 13:50:30 GMT
server: nginx
etag: W/"57bda626-2e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F714 6 KB
3 KB 58ms
58ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43979663;rtbwp=9A9F73DE8B1DF530;rtbdata=VuGAB4QUI5twEKJqycwdgURGQQTgpRT85vnqbyRUpnD4-9QTZEndb9IjJeP07gl9jUJmaJaJhCwHRm_VWFYjrlajTAto74YdYqocDgpFSWqeNPbkJ-QKpGmk3iL55Xq5IRcpVzxsbdGi3bnz9orG5hZANRG08vOfN0emMd0A9208ffzHPpaYBGJPQYTjuvsWDU6JjsSRT6FIGepeP78BWerAjnerPjSZfx1_YPUTRfTlxJHD042glHn1vXMqXDnTZgzJWlwAvM2lXby3Aopm-2j8TZo84rWC3itAqBQ0BuW1Cdny7XYX5LisCf5IhA-qSkWdgYcPc0wepiCej5fwYDv_8CqpXEwrPpNYoctTyrk_iFYw9FsTTM3IUuK9meyrJxx1XQg3IZZbQR8sLC5T-HhLLgS4efDp9IWN7H5tA5ThQW6FXjSrzw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f34b65537-4aeb-48ac-8aa6-48b85e02eb6e%2f;js=1;adfxid=1x;4835;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|undefined;fd=0|0&CREFURL=https%3A%2F%2Fofuxico.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9686c70679f1ebe2f3826834574e1f9697ec1f6fb7006020ac5565f2ccd626ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2893
expires: -1

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EE88 42 B
66 B 47ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWd3qftEKFi2lqyIzsMpXPTVhBj1w7tyE53qdHPyicUIzc0q4kGnryEugvvTFEDp_08VIo04qWFyARVM13ZAqPKNarnchY_yDkSoHix41UxUUMqPjnygSMhSEGGa4ieNQd1NYL3wS2_CMzeF-t9qp1Zg&sai=AMfl-YQzd_Ce1KJ3I2e4wDRJTiOHpYAc_GSZjb3WlnZwB8w5yG2E8tClCaRtkvdZVy9dl94d3RZehPSeeNNArf_NgKh5IPyQoUCSnN-HQBtKUHZ8y6p7sRmLeeEB7tRgCJQW&sig=Cg0ArKJSzEzNzIcEePUrEAE&cid=CAASPeRozKNA7lUqMHxPRXrjpounusxAKJoIVXZG5JjwzyltSmN2Ysw8WywG-Hn5PK-YAM-kMbwG6xXTZfUBvEI&id=ampim&o=1320,100&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1714&tls=2714&g=100&h=100&tt=2714&r=v&avms=ampa&adk=4106720246

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inlgis.php
system360.inistrack.net/d/ Frame F714 43 B
687 B 282ms
164ms Image
image/gif 18.156.150.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://system360.inistrack.net/d/inlgis.php?inisTrack=df-7-Js-&bannerid=11012&OXLIA=1&zoneid=31180&rnd=67443
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.150.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
content-type: image/gif
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow
content-length: 43
expires: Sat, 20 Feb 2021 13:03:57 GMT

GET
H2

200

redot.gif
gde-default.hit.gemius.pl/__/_[TIMESTAMP]/ Frame F714
Redirect Chain

https://gde-default.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777
https://gde-default.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777

43 B
217 B

28ms
27ms

Image
image/gif

185.11.128.204
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gde-default.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.204 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-204.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Sat, 20 Feb 2021 13:03:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_[TIMESTAMP]/redot.gif?id=bDFKuFhxBvYDeSNAccOKwOW0zQCFkM7klANT4TUtlb3.f7/fastid=mvkyxkhiqujjbingosufaweykkmm/stparam=nkhqjqirlt/nc=0/gdpr=0/gdpr_consent=&rnd=91777
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 20 Feb 2021 13:03:56 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B620 291 B
559 B 139ms
45ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
Requested by: Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Feb 2021 13:03:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F714 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55efb3609a5d358c131a01d7b78f26b3f2755b74a5bbfe073821a0f8772f42da

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/iwSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F714 85 KB
36 KB 64ms
64ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/iwSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:56 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:00:38 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Feb 2021 16:49:47 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B620 31 KB
10 KB 49ms
49ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e00b70e9a165e7e1bc39ba9d092d02099fde2e8607e543786f4e9bf00389e428

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 13:03:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Mon, 22 Feb 2021 01:45:42 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F714 35 B
503 B 55ms
54ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43979663&csi=U7Oa3xCJMM91rLTyoW_r7mKNd52t1ftVK1FxjO4G0K_ZKGWOLEEutvLvErD9xNSG0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 43567078.jpg
s1.adform.net/Banners/43567078/ Frame F714 18 KB
18 KB 60ms
59ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43567078/43567078.jpg?bv=2

Requested by

Host: 35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
URL: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fc8e8f530e3b004de5b031df970de2300f6c7690ab5071013bbb0c6b4c9ddbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
last-modified: Mon, 15 Feb 2021 14:18:57 GMT
server: nginx
etag: "602a82d1-4603"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 17923

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B620 284 B
1 KB 195ms
54ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2 200 / Show response
t.dynad.net/script/ 115 KB
31 KB 1349ms
768ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE1 / DynAd.net
Resource Hash: ae183002964e0bf129c31dd200c3084c970e2eecde9fc499c565f9b660d7c3ec

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
content-encoding: gzip
server: D3-FE1
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.514 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Sun, 21 Feb 2021 13:03:57 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 840ms
194ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 13:03:57 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Sun, 21 Feb 2021 13:03:56 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 0DA1 213 B
721 B 253ms
253ms Document
text/html 2600:9000:20d7:7000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 21 Feb 2021 13:03:57 GMT
expires: Sun, 21 Feb 2021 13:13:57 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: RefreshHit from cloudfront
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: DaPafMKiNeno6j-OPNmBUJU5Bw9KlLhQ10qSh0bTgkBRsm8MSDSo_g==

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame A446 213 B
698 B 252ms
252ms Document
text/html 2600:9000:20d7:7000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Thu, 17 Dec 2020 22:34:30 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 21 Feb 2021 13:03:57 GMT
expires: Sun, 21 Feb 2021 13:13:57 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: RefreshHit from cloudfront
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: aDVypZ21TlDn7T_coeFDHmRsOfWD7quJy1Z2MIWMvgjXFkHa4tDKIA==

GET
H2 200 icon-nav.png
ofuxico.com.br/skin/img/ 278 B
524 B 235ms
235ms Image
image/png 200.98.2.62
UOL DIVEO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ofuxico.com.br/skin/img/icon-nav.png

Requested by

Host: ofuxico.com.br
URL: https://ofuxico.com.br/skin/css/style.min.css?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.98.2.62 , Brazil, ASN19089 (UOL DIVEO S.A., BR),

Reverse DNS

manualdaquimica.com

Software

nginx /

Resource Hash

10f2f842d39b34c6f386a19a7237b41601c0398b64fa400915110c0d1f90fbd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ofuxico.com.br/skin/css/style.min.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
via: CacheUOL
last-modified: Fri, 23 Sep 2016 16:34:47 GMT
server: nginx
age: 332920
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-varnish: 455275881 31839321
accept-ranges: bytes
content-length: 278
expires: Fri, 19 Mar 2021 16:35:16 GMT

GET
H2 200 page.php Show response
www.facebook.com/v2.7/plugins/ Frame 6CE8 161 KB
37 KB 110ms
98ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=50d5daddf44c2bbcb579ea813696dfc1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

806038a5d73ae0e6879d290060d29135100d7db5d9138d03f50641ddbeb659a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: CiTQr6gTCnVYuCyswc85mG4Qc8iE8EgYa0NoihmlT5HIdO2BroEHTiOQvnWcYAzFQ+075Vgfq8bFoUXiE+OpLQ==
date: Sun, 21 Feb 2021 13:03:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 20ms
20ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: ofuxico.com.br
URL: https://ofuxico.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:18 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 15:36:09 GMT
server: marrakesh 1.16.6
age: 999
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
content-length: 6125
x-amz-cf-id: mXBLaYXGRqlm9_x2NC4YmCTea0_PBUGcCnWlrMOwr043aBh0AWGrhA==
expires: Sun, 21 Feb 2021 13:47:18 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bfea9c669311fa23a4bd9cb8a56c8061e419d1cfcbb0aaf4a2a05d440f9278b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 9ms
8ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:47:19 GMT
content-encoding: gzip
age: 998
x-cache: Hit from cloudfront
content-length: 8357
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 17:11:33 GMT
server: marrakesh 1.16.6
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xqxXNvECxp-EDgqDKlD1AWK-suvuWo1W3t-rsJ9fwWokyZhLi1hqZQ==
expires: Sun, 21 Feb 2021 13:47:19 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
444 B 138ms
138ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:ofuxico:1&tK=1613912637&tM=direct&tL=direct&tN=direct&tY=3&tZ=567481224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:57 GMT

GET
H2

200

ack
cookiex.ngd.yahoo.com/ Frame B620
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLF5WWS4-14-3PRV&sigv=1&esig=2~6c09b44baeb9c019fdd6ee1526720d5cee37b065&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQC...
https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLF5WWS4-14-3PRV&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgA...

0
22 B

37ms
34ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLF5WWS4-14-3PRV&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

Redirect headers

date: Sun, 21 Feb 2021 13:03:57 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLF5WWS4-14-3PRV&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

baI_84B8_ndNRV_G6KOXTcn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame B620
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAE...
https://pr-bh.ybp.yahoo.com/sync/rubicon/baI_84B8_ndNRV_G6KOXTcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAI...

43 B
299 B

100ms
33ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/baI_84B8_ndNRV_G6KOXTcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/baI_84B8_ndNRV_G6KOXTcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B620
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAA...
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAA...

42 B
1 KB

47ms
47ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&put=CAESEB6WalWMhmqrDS5tJSiWFmU&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&put=CAESEB6WalWMhmqrDS5tJSiWFmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B620
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoW...
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6ec76032-5a3d-4e00-a94b-01203d1c7ff3&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBE...

42 B
1 KB

52ms
52ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6ec76032-5a3d-4e00-a94b-01203d1c7ff3&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Sun, 21 Feb 2021 13:03:53 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6ec76032-5a3d-4e00-a94b-01203d1c7ff3&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Feb 2021 13:03:52 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B620
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xGNVdXUzQtMTQtM1BSVg==&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABAR...

170 B
190 B

16ms
16ms

Image
image/png

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xGNVdXUzQtMTQtM1BSVg==&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xGNVdXUzQtMTQtM1BSVg==&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame B620 0
66 B 130ms
47ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B620
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvl...
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAA...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDJaPQAAAHaOzirK&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACS...

42 B
1 KB

48ms
48ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDJaPQAAAHaOzirK&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&_test=YDJaPQAAAHaOzirK
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613912638.630318,VS0,VE0
x-served-by: cache-hhn4049-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDJaPQAAAHaOzirK&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&gdpr=1&_test=YDJaPQAAAHaOzirK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B620
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAA...
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAA...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e2fd882f-196b-4ef2-94b3-20f098e32f9a&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBE...

42 B
1 KB

52ms
51ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e2fd882f-196b-4ef2-94b3-20f098e32f9a&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e2fd882f-196b-4ef2-94b3-20f098e32f9a&gdpr=1&gdpr_consent=BPB94ZYPB94ZY__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBEoiUAIAIRAAABARIJCAAgQAACSgAGAAAAIAgAAAAAAAABAAAEAAAAAABAAAAAAAAAAAAEAAAAgAAAU&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 601

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
319 B 150ms
143ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 488173ba471fc6d0de44ed613bc5e730f90f20f01e56cf6c7118f3e286305d8f

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6EE3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 21 Feb 2021 09:20:14 GMT
expires: Mon, 21 Feb 2022 09:20:14 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13423
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EE3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 11:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 91459
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6254
x-xss-protection: 0
expires: Sun, 20 Feb 2022 11:39:38 GMT

GET
H2 200 lUQLezk6Jb5.css
www.facebook.com/rsrc.php/v3/yb/l/0,cross/ Frame 6CE8 18 KB
5 KB 11ms
5ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e496a8f239ace64ec13b1fd90c69660e0996c02a1b4b737850292d3a0792159a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: GxCp15WUPHMgEHoShFwql1UPAd9bgIdtUC80I04ARF1oiiF6MybR+PXQXBx2lztmqBCPMUzvcCfZ9MSOmXMyHw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: h5NL7M/AaU4wTaZWgloufQ==
date: Sat, 20 Feb 2021 19:27:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4839
x-fb-rlafr: 0
expires: Sun, 20 Feb 2022 19:27:17 GMT

GET
H2 200 d2ioIL5J70f.css
www.facebook.com/rsrc.php/v3/y6/l/0,cross/ Frame 6CE8 76 KB
21 KB 12ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

501705b6019b8cd5f638a6f9d1b1e16dca42df6e4dfad478b64b15a3474b0feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: ze26wUEu3SCNj7DmbsTfQqaIaPdbd8im/EgfZT4r5rhSXx6eBeoB8aWqNhziVNP5uytbxsd/nofFXz0Aua4SUg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 6WszWbpOpBZ15p6JQyGowg==
date: Sat, 20 Feb 2021 19:27:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21434
x-fb-rlafr: 0
expires: Sun, 20 Feb 2022 19:27:17 GMT

GET
H2 200 U9VNx4qOa2Q.css
www.facebook.com/rsrc.php/v3/yx/l/0,cross/ Frame 6CE8 32 KB
8 KB 12ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yx/l/0,cross/U9VNx4qOa2Q.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d46fa60da32c2fd6463af739cc56a0f974b2c2f6e6ada292112389a63bf62f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: In0ncbi1unYZ2ABUht4pBGOI1xeysUrEx3jJMofgXVTp+IIcXxDATO3XtYPQafMKOuJvfnJv0tlDOfDBiJX+FA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: qPcWw5exhCbDvd91xt3UWg==
date: Sat, 20 Feb 2021 17:42:23 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7917
x-fb-rlafr: 0
expires: Sun, 20 Feb 2022 17:42:23 GMT

GET
H2 200 kiMD0T5Qybq.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame 6CE8 269 KB
71 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ba1b3b429dd7cc8066709699bf25677d8f43f1097274f068a79f29f98c5ad84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: WZsNHcgzCzdx4N0tysauKhTFzgoZfTuW1fbFrwp1cSKBcjeXqUD+zvb5myz+18Pux3tG38ufNCJXfF6A7newoQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8F0Jh1kI68F/aZ2Fs/eZ5w==
date: Fri, 19 Feb 2021 20:09:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72478
x-fb-rlafr: 0
expires: Sat, 19 Feb 2022 20:09:49 GMT

GET
H2 200 UZNTj-SdobZ.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 6CE8 63 KB
19 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/UZNTj-SdobZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae34954bc1593d97d755ab8ac5acf74e525c5c2831e99c08aecc680de9618d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: CTkeJ07VDYLt9mlLz/udNs6xAjB9D1bH3FzRsuH0TmdRdlOqSJCbZNZTvnbegE2yaMO7cqyJ5tIGgS82wFjdZw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: XAeUUkwUGxG8yYfnrAaHYg==
date: Sat, 20 Feb 2021 01:31:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19332
x-fb-rlafr: 0
expires: Sun, 20 Feb 2022 01:31:28 GMT

GET
H2 200 B_PLCOT2qjH.js Show response
www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/ Frame 6CE8 125 KB
35 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/B_PLCOT2qjH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0934548e5f0ded78ae4f9f90202b1a160a85e7a576a6acb5e621b006a6e5fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: qWMZYem8ONDNNz8x6k/9eTJyTvrdeM2ieJM/9zYNtcSdr4w7/30tQK0qYPj40aC25+BYe6RYFn1G6VFV1Fha/g==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 7ZwSK0ETFC8A/mvtt6FAkw==
date: Thu, 18 Feb 2021 20:02:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35307
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 20:02:56 GMT

GET
H2 200 Gno7uqmDe5f.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 6CE8 255 KB
70 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/Gno7uqmDe5f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c3e0fadb75cbf97cccd386c310ab5903ffeecbb4ffdbda27ba505c4d4c80d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: rBCujyJFgO6xBO+uLltdDHfZAuKWdNX6BPUDlUJEWn9eE6tAnBzcnYGwV1W+JPLuzVaUE17zS8dbxCXcgmZTYw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 1YKdkyuznHrYC9KsTk4Lmg==
date: Thu, 18 Feb 2021 19:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 71889
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:21:52 GMT

GET
H2 200 V4srb3HUO66.js Show response
www.facebook.com/rsrc.php/v3iL6L4/y7/l/pt_BR/ Frame 6CE8 37 KB
10 KB 22ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iL6L4/y7/l/pt_BR/V4srb3HUO66.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6a5c170d498102030103890bc96afbaf33ea3158e5a8aa077eeecbfcaccb083

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: Vty2+lrcT74TsmoTJq+Ajl1f08q6xMDU81KMihB0v9yZOoZGbpKtv3gWenoRDYFyV+WTRT673Rv+I9XqCmzSnw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: AWGOjDa6ue7hQyQfIMHIyQ==
date: Thu, 18 Feb 2021 18:34:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9753
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 18:34:48 GMT

GET
H2 200 OgFiIdmDrHY.js Show response
www.facebook.com/rsrc.php/v3/yA/r/ Frame 6CE8 250 KB
57 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/r/OgFiIdmDrHY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecc2434be745189be7134cce96088f203a93a4cbd5370ee41a3b28d61b231773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: zazcHkWYVCx/itVN10+214gPgmZ02IfiYu5qzKtbFiug1G892fI/9OvIskydymMvgTp0rXvCj9uz80IrKt9nxQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 67pzi+1yb1MGdnVYH3O1DQ==
date: Fri, 19 Feb 2021 20:09:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 57925
x-fb-rlafr: 0
expires: Sat, 19 Feb 2022 20:09:49 GMT

GET
H2 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 6CE8 5 KB
2 KB 21ms
15ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

889cb179cff0a67aef7369375f447f35a101bba70eeb933cdee74a8bf9c3ad9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: slefdI+5Iv8ICedPomwZuu347yosDqqpbg3zUckuHpGGDZRrOgmxhM9/vL7YEmPBEnCtPvNlJgp7Cw4hhaWFHQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: gQkNKteGHUNmMvaZH4mpnA==
date: Thu, 18 Feb 2021 19:46:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1627
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:46:23 GMT

GET
H2 200 iVGpOTI8ACk.js Show response
www.facebook.com/rsrc.php/v3/y3/r/ Frame 6CE8 2 KB
1 KB 21ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/iVGpOTI8ACk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17fcdeaa4072a7ade32842f94f93c8008a572edd2158f94052dcf821b86be6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: zBdRJELJiScSVHgghvkax5oIMONCNCT337r0juufV1Kj3Kz82m+lNT/0lslWd+B8q5FaOipSXlAS19sFMBVQUg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: BESgO8PXMzajZZHNGZpD5w==
date: Thu, 18 Feb 2021 19:53:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 853
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:53:12 GMT

GET
H2 200 JI4AtP6aOEB.js Show response
www.facebook.com/rsrc.php/v3/y8/r/ Frame 6CE8 8 KB
3 KB 21ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/JI4AtP6aOEB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7dd6c53de6a011b6b6b96a7c3bcc471fc63248171e0959d06f44bbb02f86180d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: SLPgzDk1bWe/9py3UW35KK87ZtYmFeqiHfDzmsuXkPibxgwKznuIOa8e6dEiy7ZOmokrSpldbSU8Iv52eCFBoQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: AiezTgxq0KyX/NUhvrzdgQ==
date: Thu, 18 Feb 2021 19:31:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2474
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:31:40 GMT

GET
H2 200 0X-1iVjRxHG.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 6CE8 609 B
548 B 21ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/0X-1iVjRxHG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5a75c466d55f6c85822ec277f69b61054a92503e37f7fb8349e4830376d7025

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: RI3mWGYDM3IQRd8p8cK7siNDDIF9V55SHfl10CUXEWONE6Htf6kY706bI7SPgu9pluPXVkcLKqITATjIwa5Acg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FvMwENEtqQPeeJsv2o5Vyg==
date: Thu, 18 Feb 2021 19:42:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 337
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:42:13 GMT

GET
H2 200 oc6OvpXDEmH.js Show response
www.facebook.com/rsrc.php/v3iD594/yR/l/pt_BR/ Frame 6CE8 386 KB
91 KB 25ms
21ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iD594/yR/l/pt_BR/oc6OvpXDEmH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e6f4c137180fe856baf0495ac8acb30538c8996cc50c8b76643a7d033b29b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: 7xY5XnRn1Xt9l10ePWJ3o9RNEr5/UPIdV+Xju37sEkZZ46uMPJ9KLMDA0RCS4kAwgSAdlmBrYoomBjv7wNwy1Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 90yRc79FkYiIw/reHqyMLw==
date: Thu, 18 Feb 2021 20:09:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 93117
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 20:09:07 GMT

GET
H2 200 xMCQ2z7HyoD.js Show response
www.facebook.com/rsrc.php/v3/y0/r/ Frame 6CE8 91 KB
26 KB 21ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/r/xMCQ2z7HyoD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae2f68abb9bfa138bae4523d36ea6e83a5c7411afd4f9e0632b822a4354f4a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: e2m/Sd98G9iKTto9F1JitFldGRwcwNvqTpanS8URpoh86ekmaykRmbkExkhGrY+vyLO4rzgttB5uGC3zvz3XlQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: L61UYXf4Hb5Ihw88hu123A==
date: Thu, 18 Feb 2021 18:07:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25932
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 18:07:41 GMT

GET
H2 200 zamwg2kVtwx.js Show response
www.facebook.com/rsrc.php/v3/y9/r/ Frame 6CE8 24 KB
8 KB 21ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y9/r/zamwg2kVtwx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15dba08f52fd761aea3a91ee6b30a60d21a9aab51aa66f319c10a0a6fcfdee12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: IxhedhnidaTq8HuYOUk17wpdA8l/Gjqz3VdGuyUf8wWenx/onVKWH8K2usCwPVGk5CRiR5d4ySlglxcv3SsOIQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: kcLv9YXkHwEkBji3O1rvaQ==
date: Thu, 18 Feb 2021 19:03:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8101
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:03:52 GMT

GET
H2 200 WWTGAMDQxd0.js Show response
www.facebook.com/rsrc.php/v3/yg/r/ Frame 6CE8 18 KB
6 KB 21ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yg/r/WWTGAMDQxd0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89c8dd84fd7ba4f4b230a39a05a2da16ba134d10a9a134587f4253e74b61beeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: m0Im51c5YTnSgfJIhPRPyqin+Zpatf3mFCRUNg8wcDYuFv6o4l56CgJa/IWXHAKDdXYtSx9CckbPdYCYC+BuTg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: AZdMz5N8jKJUC0QqmYxwVg==
date: Thu, 18 Feb 2021 18:34:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5639
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 18:34:51 GMT

GET
H2 200 3iGMifTUuse.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 6CE8 36 KB
11 KB 21ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/3iGMifTUuse.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1da3214ec8b812ba0eac824acdbda69809cd548b6f5473ec8df25c5cc79e3159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: r+SZTd91OwKt3Jx3QheUMWMjPEHcglmsS9v1Us2ZgH5L0LfDO5yexTlkDo61GtcIqE0JavQ7nacvo6CAkHIM6A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +v4da/mxiuXyU97X4XZ6bA==
date: Thu, 18 Feb 2021 19:31:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10976
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:31:52 GMT

GET
H2 200 14691127_10154028592628435_4966637439533776121_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.0-0/p130x130/ Frame 6CE8 21 KB
21 KB 42ms
14ms Image
image/png 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.0-0/p130x130/14691127_10154028592628435_4966637439533776121_n.png?_nc_cat=100&ccb=3&_nc_sid=dd9801&_nc_ohc=wg-pDxnWIyUAX-VaIsg&_nc_ht=scontent-ams4-1.xx&_nc_tp=30&oh=87e1f302c2c0593b19ee21d4b0d31eaf&oe=60581937
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b70ee967ccb2e931a6fd504254c97ae86f6e88db785e72355e55b3d33bd0dafb

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 889707861
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 18 Oct 2016 20:02:27 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10154028592628435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 514629483
x-fb-config-version-olb-prod: 1023
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21507

GET
H2 200 136064945_10158110702018435_8209980572953425745_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 6CE8 1 KB
2 KB 26ms
16ms Image
image/png 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/136064945_10158110702018435_8209980572953425745_n.png?_nc_cat=1&ccb=3&_nc_sid=dbb9e7&_nc_ohc=X2Ek5l_PkvoAX83uNYV&_nc_oc=AQmIOdQ7oySft47E_eh6i02KT7LFcHiZcrmmUYzlojmAfKFXPrBeS7R9P80ABuQSf0CpvFQfds9dsnM-JyPOkISJ&_nc_ht=scontent-ams4-1.xx&_nc_tp=30&oh=3a8fadc11defafbc578504a2170bb4a4&oe=605811F2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 116aca216ed16248ff0c22a3b301ef0b7242308118ce0e699a2c338ef2d4599f

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 107397142
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 05 Jan 2021 03:09:35 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158110702018435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3731965980
x-fb-config-version-olb-prod: 1021
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1532

GET
H2 200 qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame 6CE8 3 KB
3 KB 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: r2UxKC/o1mmawu3V1M7zRmw+kbdIntDtZEKKhBojh2m9k87heZtKn52nVOUk3NddxT7eT4//RUYoUr3FDBltwQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iN31dShDArRt9ZikrDb13w==
date: Thu, 18 Feb 2021 17:20:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2616
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 17:20:03 GMT

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 6CE8 573 B
785 B 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: khke/xJ3fYl88MWoXS1zGxk9dOpuMSE/kLL8yjp9MIhCj2jPeYSUYyimyqlL0aqSXaqMFQ05c220JZsjTF7B8A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Thu, 18 Feb 2021 20:31:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 20:31:47 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 6CE8 63 KB
16 KB 171ms
171ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FOFuxico%22%2C%22width%22%3A326%2C%22height%22%3A544%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fofuxico.com.br%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xe6FoO13xu1syWwHh963m1FwAxu13wmEW7UW3q327Eiw8OdwJx61IK0SUhwj82owbC0LVE4W0OE2WxO0FE662y1nzU1vrzo5iawqUcE7e2l2Utw4HwnEfo2IzUuw9O0RE5a1qw8W1uw&__csr=&__req=1&__beoa=0&__pc=PHASED%3Aplugin_default_pkg&dpr=1&__ccg=EXCELLENT&__rev=1003337802&__s=%3A%3Awuqton&__hsi=6931701995619480179-0&__comet_req=0&locale=pt_BR&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/B_PLCOT2qjH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2db9d204fe9c7b6ed599bb9945b2760d800ae24305a3a38f4e932523448a0140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: IFphiWgmAcXuJO9P6pyrLJjFsWWW0C6EaHjGZuwYJ+XYKVCKDeo+RYAaaZeLVCqsfhSKtC8YZIxTafHhY1QoXg==
content-encoding: br
x-content-type-options: nosniff
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Feb 2021 13:03:57 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 6CE8 138 B
552 B 37ms
37ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/B_PLCOT2qjH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1aa2ed388e18d5ae5b36708bc94771a96eea3ed5233ee328454c38f121ca0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: lu9wUftR6jxZpeu4TBCNFeEGEbCiHZlUGsLbqXG8LQN0ZysWv64RsOzVqSPbv4DiGXIDaYWf75zTov+emfa7Yw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Sun, 21 Feb 2021 13:03:57 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 6CE8 1 KB
876 B 46ms
46ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=10156305523078435&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/B_PLCOT2qjH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99a63f1d9ff8a96e5dde074f7d652e85eb731787bc8912ecec7a4f63779efa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ++FVmPFqKQoBFB3F2QeE0wjkuNxe6pQpkm8c0bNptbJv91QobTcDK74iNOqPf7jmkU5tQ+N5bdz+TKq7L/dgqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Sun, 21 Feb 2021 13:03:57 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 aYJktvmLnOK.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 6CE8 15 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/aYJktvmLnOK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b86b5952ed94f8cd1aade8fb26c630f3d6e33def5d36e19838780595a78168d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: 5g9FarT8spv9w907zpW0DTHn+3VMpq/+R88QgWVWc6ARuP+D/h6/1Jz6BqEo+d5WyNT12D16RmN3+kL0+li8iQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: N1ZwRqDJGVoXgiHU1J7c/A==
date: Thu, 18 Feb 2021 20:03:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5087
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 20:03:32 GMT

GET
H2 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame 6CE8 7 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

587b234b1819edd56fb28552f715b8d1c367a1dd28829d07c3678229c96e650b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: jm3CTt9k2JMMbdMfii1Ccr0e6L4SeMwxd5CLMFczyIl4RzWgiB2ieoJHkWU0Y2ez9PE0wk9IDQCTGikGClpTsg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 7V1kQCLTl32/i6kpb5a/eQ==
date: Tue, 16 Feb 2021 19:44:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2267
x-fb-rlafr: 0
expires: Wed, 16 Feb 2022 19:44:54 GMT

GET
H2 200 -vq9eSjYApF.js Show response
www.facebook.com/rsrc.php/v3/y0/r/ Frame 6CE8 139 KB
31 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/r/-vq9eSjYApF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47e7783348efca301d62f774049845580c55efdbc58e6cd431b1aa458ed40cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: MEJlEp6fQ86BbNdKh8GxNVaJ3JS83LHyvGpfBGibxnXKBq2hY+PI8zxF9iAQ8uKNlHgCV65/2PcyrbXCCd/VFg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: kFuEOArIGNENq+pzSnWHdg==
date: Fri, 19 Feb 2021 03:59:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31282
x-fb-rlafr: 0
expires: Sat, 19 Feb 2022 03:59:36 GMT

GET
H2 200 WzKBiBrx1hY.js Show response
www.facebook.com/rsrc.php/v3/yx/r/ Frame 6CE8 8 KB
3 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yx/r/WzKBiBrx1hY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fb7116d1bbed05a17667a3bcde7567a847b4988df98330df20f85308f322f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: nZvf7sMj5BoWWnuKXj6U2kZe9DBuaDWLBknOEzAh/4pC0e2ifnX+Q83gnGkqMreFhWOTtlu4d7sSnc6OpXgRBQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: ugWoWAePlRCJAqcLL2MgMg==
date: Fri, 19 Feb 2021 03:59:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2999
x-fb-rlafr: 0
expires: Sat, 19 Feb 2022 03:59:36 GMT

GET
H2 200 ZGEMmbOhDrM.png
www.facebook.com/rsrc.php/v3/yt/r/ Frame 6CE8 28 KB
29 KB 8ms
7ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yt/r/ZGEMmbOhDrM.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2557989d17ebfacb8e8244a5c47e03774f69b5660c91147b7f5961893f8ecd43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: EpzYpNPwJIaBlSQs1CfVCcaS5K/YtqKwx5t0G3hIfgyQhUSArmNEI0iQDyk0CD2O2iq9/bqBVpV/1NXIU/zS5w==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: cS/RiGpyYhGHRkJu33G3/w==
date: Fri, 19 Feb 2021 18:38:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29000
x-fb-rlafr: 0
expires: Sat, 19 Feb 2022 18:38:24 GMT

GET
H2 200 onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame 6CE8 4 KB
4 KB 8ms
7ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: 3K7FxK5nF+UtOfcXLbmP94JXdilhnUWg7O74Yy1vURGHjzJPrZangdZJNU0hZWBcwYxeAJLQtijmCBRMaZtBgA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
date: Tue, 09 Feb 2021 00:06:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3944
x-fb-rlafr: 0
expires: Wed, 09 Feb 2022 00:06:18 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame A446 42 KB
9 KB 7ms
6ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:41:59 GMT
content-encoding: gzip
age: 1318
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Tue, 17 Nov 2020 15:36:10 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: jPFS0nm1zb18zvnbvH_I4Vv6983nvhrT6qUD7ja2STQCESe8noAQhA==
expires: Sun, 21 Feb 2021 13:41:59 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 0DA1 42 KB
9 KB 7ms
7ms Script
application/javascript 2600:9000:206f:800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:29:15 GMT
content-encoding: gzip
age: 2082
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Tue, 17 Nov 2020 15:36:10 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: Cp8VPixcbOraCTPLVkkDJVvsHk22udg5h0NWWJ59RNHcDWHfZz39gw==
expires: Sun, 21 Feb 2021 13:29:15 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 139 B
573 B 141ms
140ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=3&tU=0100007F3D5A3260A106738102711308&tX=b.52&tZ=357921398&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 78bb4b302af19918e52a7ab34a67ce5f889a845ccda9cd711fb1b37bedec6e99

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:57 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
112 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021601&jk=4262409186531108&bg=!JiWlJWbNAAXRs2QT0TsAKQB2-Dxa21Ue23G7Y75q6ciSVIPhEhrZrzqknCVGHb1m0vhLUUVEYU6VAgAAARlSAAAANWgBBwoARu04-d41cbvtbVgVPgEhL0iG3fQJeKk_0eLo3lPaas7DVLiwWI1RoynX47Z3vnPp6sh5d0WFgbe0qdy-YmTS6dzBiTJyZ8aZAdE6OaCUtUooF6lwfVqq8WTNtNonW8mUb3svbXFV0xOKt2dFejwdlK5j6inCjOmsmTpivgcmu76ZTiZ1Jnh362NcJ1fdQUEIYFauG3nU-evX2iUUVsNh6gDGKOzep2BdzzfzkqcGLDJOFGQweTSRJbl-0LDe60Ss1nnalcG6HiLw0ybML6lKCXLLqTZSn7XsNtVqRz_20ATT98DWnqCJXDENin4TdvswV8SVxrmh-_oCicZBFLY4dn9-18zAyNfHJFJFNS_4GUA39SX53ZGaTUGId8mxrx7uDrWFcJB-Pns-WoqaLFwM2HNAIpe58AXTRmtTCKc13ZVE7c4BcQJHaMSfJgHR4DX2bYNDRpBU81SgXkrT7XLxL0ar27iujvec1uRlQZbE42tTMJTIL4ghfVeM-ppwuJQf9soR2M-N4jJvuhnFjCLZF9kC8ZA3Z6vmr0x77RhO0M26SK9yXgyTM9b6Qdf6nkdG3e_TBJGAz7tO3Ba1lgfqh7g7wftcUiLWPub4fMORDOGyuKVeLdzU8iRNpTLjbQpppv9wsFKH1HKh_nRxi_rct1u1eifSetC9IIjThUrefF5IX8Y4P5yINeNl1zbC5Zn2bqP-iW--KW54e1M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tM7zBvTq9ET.css
www.facebook.com/rsrc.php/v3/yf/l/0,cross/ Frame 6CE8 73 KB
21 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/tM7zBvTq9ET.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef61015e6fdcf3b0b733c6e1e0cb466b032c8a8e69decc3b20340e3eaac8a0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: KpQmd04A9bX/tAYQiHhse4FqC8FxA6RQlctXmF68DOjIdjq/jHePiNDTAZT4bAS1XWVZZWv2HODGrlxAgVBKNA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: XOlzcgmcxhEG0GRO/eD4yg==
date: Sat, 20 Feb 2021 19:27:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21564
x-fb-rlafr: 0
expires: Sun, 20 Feb 2022 19:27:17 GMT

GET
H2 200 EO1KFjSEubA.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame 6CE8 63 KB
16 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/EO1KFjSEubA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

964768e7d4159d0914b81ba59d0227c5058920cd6f35a4b8b4823d18f229e207

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: lWA2+161CSfkaOgKI2HDB47HmkObOGOl5Uux/KXl0DvAwNMx0lon3ooqIrQUXt4aHqcsTGohR/jhlpVzR7m9Ww==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: XgqTqx2QfP4Co1XIajPTMA==
date: Thu, 18 Feb 2021 20:00:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16202
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 20:00:27 GMT

GET
H2 200 3kO5EE5fjbk.js Show response
www.facebook.com/rsrc.php/v3ika84/yB/l/pt_BR/ Frame 6CE8 27 KB
8 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3ika84/yB/l/pt_BR/3kO5EE5fjbk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/r/kiMD0T5Qybq.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

472a73ac67b06edf3a559de2f57ec016cf67621194eca55d3e677a695760d62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29579e9f82ef18%26domain%3Dofuxico.com.br%26origin%3Dhttps%253A%252F%252Fofuxico.com.br%252Ff230c3d0c266458%26relation%3Dparent.parent&container_width=326&height=544&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOFuxico&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: zAZWYf1XS0BwBNlq8tXXcPtG9lq0uzlIWQJpB+B5hEzK6cLA1/b6XIWF3nzOf092WXRKNq3z4gumb+XkMzCCiQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: LIzxomqKrRMHic43DeIWUA==
date: Thu, 18 Feb 2021 19:27:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8024
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 19:27:24 GMT

GET
DATA 200
OK truncated
/ Frame 6CE8 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9adf40f2d62a7ea105d6b36b53ca0228c603957a3dc4bc135df78f747c6e440

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 136064945_10158110702018435_8209980572953425745_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 6CE8 1 KB
2 KB 14ms
13ms Image
image/png 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/136064945_10158110702018435_8209980572953425745_n.png?_nc_cat=1&ccb=3&_nc_sid=dbb9e7&_nc_ohc=X2Ek5l_PkvoAX83uNYV&_nc_oc=AQmIOdQ7oySft47E_eh6i02KT7LFcHiZcrmmUYzlojmAfKFXPrBeS7R9P80ABuQSf0CpvFQfds9dsnM-JyPOkISJ&_nc_ht=scontent-ams4-1.xx&_nc_tp=30&oh=3a8fadc11defafbc578504a2170bb4a4&oe=605811F2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iM-F4/y0/l/pt_BR/B_PLCOT2qjH.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 116aca216ed16248ff0c22a3b301ef0b7242308118ce0e699a2c338ef2d4599f

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 107397142
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 05 Jan 2021 03:09:35 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158110702018435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3731965980
x-fb-config-version-olb-prod: 1021
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1532

GET
H2 200 153079937_10158246432298435_1814526526228383620_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/ Frame 6CE8 10 KB
11 KB 40ms
13ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/153079937_10158246432298435_1814526526228383620_n.jpg?_nc_cat=105&ccb=3&_nc_sid=8024bb&_nc_ohc=frNJ50vg0jMAX9Zwcek&_nc_ht=scontent-amt2-1.xx&tp=7&oh=95ce1db8351fcc9d75f4ef3849586d57&oe=60598E9B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 42c4c8ea3b05a95061299c7f825f0f0ee8127e8b0c322d653c1b1480e0416fb2

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 98995576
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 21 Feb 2021 12:59:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158246432298435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2748323050
x-fb-config-version-olb-prod: 1025
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10435

GET
H2 200 151779022_10158246423243435_5166182581730672106_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/ Frame 6CE8 12 KB
12 KB 39ms
14ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/151779022_10158246423243435_5166182581730672106_n.jpg?_nc_cat=106&ccb=3&_nc_sid=8024bb&_nc_ohc=Mri8z98Vx3UAX_fCnQu&_nc_ht=scontent-amt2-1.xx&tp=7&oh=6882a7bce97181dcb0c27af65c0f10ae&oe=605932FC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dd04a04712eb49ef1be630e2e19b41572db37335c2ac950de9fa999f1e66fdfe

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 1004291288
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 21 Feb 2021 12:50:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158246423243435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 702251792
x-fb-config-version-olb-prod: 1025
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 12083

GET
H2 200 152733445_10158246414443435_6558606242384230167_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.0-0/s320x320/ Frame 6CE8 15 KB
15 KB 15ms
14ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.0-0/s320x320/152733445_10158246414443435_6558606242384230167_n.jpg?_nc_cat=110&ccb=3&_nc_sid=8024bb&_nc_ohc=oUurLw-Y0-EAX-2FM72&_nc_ht=scontent-ams4-1.xx&tp=7&oh=6572da9ee960db0c33316eafd585c2c6&oe=60592129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 63cdae97f11705b7c37a7bf76fd706a8449c07f5af20755a58108fc84aeb4665

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 3407400904
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 664085054
last-modified: Sun, 21 Feb 2021 12:40:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158246414443435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 100054358
x-fb-config-version-olb-prod: 1025
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 15447

GET
H2 200 153282578_10158246404738435_8464184037105904710_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/ Frame 6CE8 11 KB
12 KB 42ms
16ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/153282578_10158246404738435_8464184037105904710_n.jpg?_nc_cat=102&ccb=3&_nc_sid=8024bb&_nc_ohc=v2MPmwPXyPoAX-Icwoh&_nc_ht=scontent-amt2-1.xx&tp=7&oh=c23e142700c01768c7e770db3a3755fd&oe=6057D011
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 51cfd58f252af7b71eeba5714b4d83519841d20f15605e727389ecf92439a6c2

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 1439200680
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 21 Feb 2021 12:31:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158246404738435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3853766884
x-fb-config-version-olb-prod: 1025
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11750

GET
H2 200 152695208_10158246398498435_3460160666433387695_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/ Frame 6CE8 15 KB
15 KB 39ms
14ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.0-0/s320x320/152695208_10158246398498435_3460160666433387695_n.jpg?_nc_cat=102&ccb=3&_nc_sid=8024bb&_nc_ohc=Tr0VfQ2zawwAX-sdDHK&_nc_ht=scontent-amt2-1.xx&tp=7&oh=bda3017e4c04784eaaedd499f567084f&oe=60580B40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 25dcfa1ac4ac2c2636b0aba3bd15ccb9876ddb1383df0d196444e6093589c045

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 97270164
date: Sun, 21 Feb 2021 13:03:57 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 21 Feb 2021 12:30:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-content-id: 10158246398498435
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4080950295
x-fb-config-version-olb-prod: 1025
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 15584

GET
H2 200 cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame 6CE8 3 KB
3 KB 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/tM7zBvTq9ET.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/tM7zBvTq9ET.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: rD6GuZHggVX+IZB85ka7RzGg34PXeabXi0kA7cUYMk5Kp8xMVU82tMIIC4GMXfB5TmNbK6ilS8ijJG/nVl917A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VrHQyF8wNkH5pOhUYwyBPQ==
date: Tue, 09 Feb 2021 00:06:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3170
x-fb-rlafr: 0
expires: Wed, 09 Feb 2022 00:06:19 GMT

GET
H2 200 qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame 6CE8 3 KB
3 KB 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/d2ioIL5J70f.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: r2UxKC/o1mmawu3V1M7zRmw+kbdIntDtZEKKhBojh2m9k87heZtKn52nVOUk3NddxT7eT4//RUYoUr3FDBltwQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iN31dShDArRt9ZikrDb13w==
date: Thu, 18 Feb 2021 17:20:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2616
x-fb-rlafr: 0
expires: Fri, 18 Feb 2022 17:20:03 GMT

GET
H2 200 n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame 6CE8 3 KB
3 KB 5ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/lUQLezk6Jb5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: KTwAzZHp99AF1E1tdNSKMlXptJkcvc7/6oYBDTnb2O4CUqHPWdPlCl/HSSAHRbKlZO/WPVOtq9GG1Aw95U2NKA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FxoGPHP5kucUksTSZgXu4w==
date: Tue, 09 Feb 2021 00:06:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3249
x-fb-rlafr: 0
expires: Wed, 09 Feb 2022 00:06:18 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
339 B 140ms
140ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=60800208&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: c69282e180676e29e0bab966954ba5a1f32bee3ed9822c09ab4324b5e9bc3877

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:58 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 150ms
137ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_warsaw_mazovia_pl_1613912637762_3261294947&tJ=&tQ=ofuxico&tU=0100007F3D5A3260A106738102711308&tX=b.52&tY=1&tZ=51016193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F714 42 B
89 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhbWtI8OtTeFDfqZkSxlEiYpwHPR0PrMS8M34TR4sv5j5-zNTm97ySkrTACdlOJ_9mrw2b2yRjb8V9Ky3sUq69f0rxHmbd3w&sig=Cg0ArKJSzOrbTO_JmINvEAE&cid=CAASF-RoqnvJD8tXRLwdy6uAh2noH-GH63CI&id=osdim&mcvt=1000&p=884,314,1138,614&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210219&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2110133660&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613912636246&dlt=26&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame F714 35 B
503 B 55ms
54ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@43979663,9144194264171805807,100|1074|0|0|0|0|0|0|0||42|1|31|42aa6bd74277ac0e3944f58e9442b35d0f568001_1|||1|0|0|tcW6iswWh0IEfUZHiYmJHGOiuwSL1Rui0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame F714 35 B
303 B 55ms
55ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=43979663&event=178&time=2&baid=43567078&name=Viewable%20impressions&imprid=9144194264171805807&icid=0&eData=U7Oa3xCJMM-rHZ4SbcYVQY6IxFjhsTYHumjmAI-8sjwDvP-67D9Y4w2&rtbdata=VuGAB4QUI5twEKJqycwdgURGQQTgpRT85vnqbyRUpnD4-9QTZEndb9IjJeP07gl9jUJmaJaJhCwHRm_VWFYjrlajTAto74YdYqocDgpFSWqeNPbkJ-QKpGmk3iL55Xq5IRcpVzxsbdGi3bnz9orG5hZANRG08vOfN0emMd0A9208ffzHPpaYBGJPQYTjuvsWDU6JjsSRT6FIGepeP78BWerAjnerPjSZfx1_YPUTRfTlxJHD042glHn1vXMqXDnTZgzJWlwAvM2lXby3Aopm-2j8TZo84rWC3itAqBQ0BuW1Cdny7XYX5LisCf5IhA-qSkWdgYcPc0wepiCej5fwYDv_8CqpXEwrPpNYoctTyrk_iFYw9FsTTM3IUuK9meyrJxx1XQg3IZZbQR8sLC5T-HhLLgS4efDp9IWN7H5tA5ThQW6FXjSrzw2&rtbwp=9A9F73DE8B1DF530&rnd=917886967

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:03:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame E093 6 KB
3 KB 879ms
228ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: static.dynad.net
Software: DynAd CDN D5 / DynAd.net 2020
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=173271613912637882
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

date: Sun, 21 Feb 2021 13:03:59 GMT
content-type: text/html
content-length: 2318
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sun, 21 Feb 2021 14:03:59 GMT
pragma: cache
last-modified: Fri, 19 Feb 2021 15:18:45 GMT
x-powered-by: DynAd.net 2020
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
server: DynAd CDN D5
x-cacheable: maximal 144h instead of 153.000h
x-varnish: 441721173 418028697
age: 164715
via: 1.1 varnish-v4
accept-ranges: bytes

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame 8869 53 KB
21 KB 1087ms
437ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: static.dynad.net
Software: DynAd CDN D6 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ofuxico.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=173271613912637882
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ofuxico.com.br/

Response headers

date: Sun, 21 Feb 2021 13:03:59 GMT
content-type: text/html
content-length: 21079
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sun, 21 Feb 2021 14:03:59 GMT
pragma: cache
last-modified: Fri, 19 Feb 2021 15:18:51 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
server: DynAd CDN D6
x-cacheable: maximal 144h instead of 204.000h
x-varnish: 443766213 416438696
age: 164708
via: 1.1 varnish-v4
accept-ranges: bytes

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8869 326 KB
113 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114825
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:03:59 GMT

GET
DATA 200
OK truncated
/ Frame 8869 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 bridge3.443.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 0AEB 576 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.443.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

500dd5fa9772f9c03fe09e2adc5f591a0eb4328fc0b7d094879406a67a675cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.443.0_pt_br.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192708
date: Wed, 17 Feb 2021 22:38:12 GMT
expires: Thu, 17 Feb 2022 22:38:12 GMT
last-modified: Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 311148
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8869 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:04:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8869 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Feb 2021 13:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AAC3 36 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 12:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1810
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sun, 21 Feb 2021 13:33:50 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0AEB 156 B
554 B 341ms
339ms XHR
text/xml 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fo_fuxico%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dofuxico%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fofuxico.com.br%2F&correlator=1452257849536094&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fofuxico.com.br%2F&vpa=auto&vpmute=1&sdkv=h.3.443.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&adsid=NT&sdki=44d&adk=212525250&sdk_apis=2%2C8&sid=3429B5DE-159C-49D5-A235-BB0B099EEBBC&eid=44728149%2C44730896&url=https%3A%2F%2Fofuxico.com.br%2F&dt=1613912640229&scor=842612139239437&ged=ve4_td0_tt0_pd0_la0_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.443.0_pt_br.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
t.dynad.net/pc/ 70 B
422 B 193ms
193ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003218;ord=1613912640591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE1 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:00 GMT
server: D3-FE1
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.514 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Sun, 21 Feb 2021 13:04:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame F714 35 B
494 B 58ms
58ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@43979663,9144194264171805807,100|4773|0|0|0|0|0|0|0||186|1|31|42aa6bd74277ac0e3944f58e9442b35d0f568001_1|||1|0|0|tcW6iswWh0IEfUZHiYmJHGOiuwSL1Rui0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 perf Show response
trc-events.taboola.com/ofuxico/log/3/ 0
424 B 52ms
51ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/ofuxico/log/3/perf?tvi2=1571&route=IL%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofuxico.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:03 GMT
server: nginx
x-fastly-to-nlb-rtt: 25734
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ofuxico.com.br
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.14.127:10213

GET
H2 200 dc_oe=ChMIvOzAioX77gIVAkDgCh394Qv9EAEYACC1ju1F;met=1;&timestamp=1613912645953;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C403 42 B
199 B 80ms
78ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvOzAioX77gIVAkDgCh394Qv9EAEYACC1ju1F;met=1;&timestamp=1613912645953;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_oe=ChMIg-DRioX77gIVUnHgCh2gKgc0EAEYACC1ju1F;met=1;&timestamp=1613912646137;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0920 42 B
99 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIg-DRioX77gIVUnHgCh2gKgc0EAEYACC1ju1F;met=1;&timestamp=1613912646137;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI97TkioX77gIV0LjeCh1NZQfvEAEYACCk_-1F;met=1;&timestamp=1613912646289;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0714 42 B
107 B 74ms
74ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI97TkioX77gIV0LjeCh1NZQfvEAEYACCk_-1F;met=1;&timestamp=1613912646289;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 13:04:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 18:28:08	Name: pux Value: 1512%3D97670%262249%3D97670%262307%3D97670%262974%3D97670%263778%3D97670%26brx%3D97670%26goog%3D97670%26idl%3D97670%26
.rubiconproject.com/	1970-01-20 01:04:08	Name: audit Value: 1\|om9JaZazMzGOoIPJiL/RTaOn2DRulr34VZ3ZUIs7NJKaqae/FA50sPwg7soIRC/lLrqpHJvwjsDLv0ZnN1+t0WpeS2MlTsz5tvacoCptBQ4RV26uJNArmiBWstNQt9FF9TDIfB9kYOtALrS87woQ1X5L2q9qmCNPBGBWt6IEQb9GzKDbmpOAkfr2txpHIO+WQglbQ0zTchfF6fZv2bPMvEGe5df31h8KdhEt/Dlz318CeKllS49mk/X7HLzVMrYFK0N42l/z2BmMoQsrZLC0DLiCYzSWP7j+lOyCXXZigKOrQ5pn+80I0m2WTdwuMuaAyqt4ohc5wWXf8hFm8/6zjKaL6vWQ50gOGpPqc0uZCul0NQ91ihtFtvIs7joTOKgHqusxtkTkyIwq2j8UqcK3tSVhu+sKeVKsiAPAm7Zo0keQtKxNToISms6go6/1Gn8EhXmDkXMNEu7Dm5xBB77c8+J2F/nb624klOyCXXZigKPNvPh+lQgRsWncuGwUQODolOyCXXZigKPjNUQWExw4Da9AkE8z0xSP
.rubiconproject.com/	1970-01-20 01:04:08	Name: khaos Value: KLF5WWS4-14-3PRV
.doubleclick.net/	1970-01-20 01:40:08	Name: IDE Value: AHWqTUnTKHpEJeGfKjLuluRgKXjIVHMFCSCty4SpALV2LGBEW84136LKt4ZcpSrx
.ofuxico.com.br/	1970-01-20 01:40:08	Name: __gads Value: ID=df25c41ce31f8454-226c41ff8bba008b:T=1613912633:S=ALNI_MaoWbnPI-TiEN3E8oXUX1DAWBIYyA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://ofuxico.com.br/
console-api	log	URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=(Line 1439) Message: dynad.tv - core: dynad-tv-protocol/init
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/settings/initialAudioVolume=50/containerId=_dynad_c_I5550009734_16139126378832002425687/showPubHeader=false
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/load/https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=/8804/parceiros/o_fuxico/in-article&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dofuxico%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo%2Dauto%2Dplay&description_url=https%3A%2F%2Fofuxico.com.br%2F&correlator=20771227471637156&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fofuxico.com.br%2F
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/active_display/true
console-api	log	URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=(Line 1439) Message: dynad.tv - core: dynad-tv-protocol/no_data/AdError 1009: The VAST response document is empty.
console-api	log	URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=(Line 1439) Message: dynad.tv - core: dynad-tv-protocol/close

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35671df67ef56d78ec889700bb5496c8.safeframe.googlesyndication.com
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.pl
b.t.tailtarget.com
bh.contextweb.com
bttrack.com
cdn.ampproject.org
cdn.pn.vg
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cookie-matching.mediarithmics.com
cookies.pn.vg
cookiex.ngd.yahoo.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e1.emxdgt.com
embedsocial.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gde-default.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
imasdk.googleapis.com
match.adsrvr.org
match.taboola.com
me.jsuol.com.br
ofuxico.com.br
osp-assets.pn.vg
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s.dynad.net
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
stats.g.doubleclick.net
stc.ofuxico.com.br
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.taboola.com
system360.inistrack.net
t.dynad.net
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracker.bt.uol.com.br
trc-events.taboola.com
trc.taboola.com
tt-10162-1.seg.t.tailtarget.com
us-u.openx.net
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
104.108.50.124
104.108.64.33
141.226.224.32
141.226.228.48
142.250.185.98
142.250.186.162
151.101.114.49
151.101.13.181
151.101.13.44
172.104.64.149
174.137.133.49
178.250.0.163
18.156.150.124
18.193.136.159
18.195.155.181
185.11.128.204
185.29.133.208
185.64.190.80
185.86.137.133
192.132.33.46
198.148.27.140
199.232.137.44
200.147.166.107
200.98.2.62
23.218.208.246
2600:9000:206f:800:6:9eb2:5cc0:93a1
2600:9000:20d7:7000:6:5b96:3f00:93a1
2606:4700:3035::ac43:9ecd
2804:49c:3101:401:ffff:ffff:ffff:52
2804:49c:3102:401:ffff:ffff:ffff:50
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::9c
2a00:1450:400c:c08::9a
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.79.35
34.102.185.99
34.120.207.148
35.201.69.215
35.244.159.8
37.157.4.40
37.157.6.236
37.252.173.38
51.77.188.248
51.89.21.21
54.72.52.19
54.93.115.47
69.173.144.138
72.251.249.13
00b0c69e6cae08bc4a4d00a7ee8aa75b77499c5b7df14d21f69877c1c1a3622d
00ff29184db01053219414d9c35309521133e3b4f71ae44aa28f94ba374549ff
01420977a0175804243c64c21a3dc0c75e8cf9c5c26fe357a5a883de25dee124
01eb82dd42f331969d90e15b87fb84e27b99878c34797425c44ab1dce61a51b7
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b5ba69df7b48d8349fa143003940b5667598bc49c7cf131ac479d0e337aa2d
04e0066461697cbf57579656c27646e2bd9834d2cffc13cc9dac59edf8610320
0534199a043ec608a67560ef3a9bf04b08d9c0bc12bb551d597ef53c842f18cb
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e5b2921b0483216346b015d55f58e78252841cffe1fed66171e5d3b39b87cc3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f67c6beab8d4bb8fb6d705e572e61bf5c45210bf27495643167972a5c44a21d
0fb7116d1bbed05a17667a3bcde7567a847b4988df98330df20f85308f322f6d
10f2f842d39b34c6f386a19a7237b41601c0398b64fa400915110c0d1f90fbd7
10fe8251d0a3f093e35e4508ab0a8b07e04c4546742c749dcf0126e09d2e8925
116aca216ed16248ff0c22a3b301ef0b7242308118ce0e699a2c338ef2d4599f
11a70a94cf6c3be13956b1599acb07a6a1ef7e6275d8ce06c79cb14e39b18fe2
11d4964172d92dd86e01d3b081bd75d1f8294c087590690b2e0fa5ac6c5de09f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13690fa507f2e309fd69c4e9ba81b0424eaf4b8651a4e10b50086df8729ef3a3
15dba08f52fd761aea3a91ee6b30a60d21a9aab51aa66f319c10a0a6fcfdee12
17fcdeaa4072a7ade32842f94f93c8008a572edd2158f94052dcf821b86be6bd
1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1
18d03264b62254ba4c1020f22b33705ccf03c4d802646beb7ae5f7800e0ed6d5
1a7c3358c45085c5bfdb8525af70b75bd27ce5f0afdcc43b0e2bac9ea985e44b
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1b1104e75542b2e4f8c4de0106f33612edcaaef147ec087608bac0ebb1b160c9
1bac0e3e4eb5e3ed97e2417f97ebfa584208a7f20b44b0f303a039090d2eeb67
1d89932dc0d8e89af6df42f4b1fb1c3d888f3f16aae6d468077f5de3ee631b2b
1da3214ec8b812ba0eac824acdbda69809cd548b6f5473ec8df25c5cc79e3159
1ea130b8bcae68a3ab8d8d18950a238d07add9d4978f73801e7b5892ecb8a860
1f1ec5c2aa5bcbdc07ada05eab0902791a213915b2b1bab36fabfcf8db8e3950
1f739dacb5198aee81d7762699ae4763f6978230a4f6c76fb942291c0571fd76
1f7d9b949bb9a3f8d10ab6116926ed43bd9dc9c649201171e66e48646a54e1ac
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
22e2618ee63f4362dbb5bd0526d708e0585fb6ff990640a8a3f7379ca71a3811
233b2d79224e81e21a76130cfdda5ad323ef9c3d1b1fdfa1c2f5465b054a82e2
2557989d17ebfacb8e8244a5c47e03774f69b5660c91147b7f5961893f8ecd43
25dcfa1ac4ac2c2636b0aba3bd15ccb9876ddb1383df0d196444e6093589c045
26795dbfb60d0b5e19ff894b7afc1fe8422bc8409775dbb4e1a920a25255c52f
279cc8aacef41bc8a3d8fbe7d22bb728653a6f56d66e218ebbd66a6f5ca05441
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2db9d204fe9c7b6ed599bb9945b2760d800ae24305a3a38f4e932523448a0140
2e4f361fdb026c533b9b9c0531664c549311115d6ce5a07f47c898dc6d2d849c
2e6f4c137180fe856baf0495ac8acb30538c8996cc50c8b76643a7d033b29b5d
2ff3728cd05260638adcff81371ca7552794a47c4332c269c38e7f1833a654cb
30889b3a641f667f77275bc91ea981e98f4037e50bf5e72b8dfba6914efda03d
32f151abcb09349d8f3184f7d58dd81dea533ab1c6f8e0284678d95c448009aa
332dbd1e68e7f8e5ec1c02ccacc8f8d692194bf4898f879c9d24c4ba46bb4062
333870d634fecad63442b60d0e1c2ae3531f3579fea1f675d1e80b3ad9fca38b
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
354d40d32e69ddb6a1d76fc2bb135e2a2ae54f88983287a6001b4bad71865647
36497cd4daafad4ecad25cea32e128585a26f2096f253d2dec5faab6267cb793
3722c907e9d14c3af3f1cbffd8755a0747f0298077699774b1d28fbbd4625d21
37923a52811f7f2294869ad6506c3b3c8d280bf5bc69a24eedb2c9966e5e89c9
38dbd732eeda57b1f2a56705130c839a7e06f276692e8898f037682feb762035
3ed1a535be2f9c8e525e472095569f2a3bb6d4eedf9285fa386faec35ef850ca
41dc3d50dccaadcb2c302807d63f098c2a3cf88ef3750bf4d79a9da1e2e597c1
421b4b718ea28fc78f4e05ca4f8c9da0ae903f745d7e7ce023b167f240f35fff
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
42c4c8ea3b05a95061299c7f825f0f0ee8127e8b0c322d653c1b1480e0416fb2
4321535d5473d88502014d3df45f36e2207cdc4471b42da9d9543c88d210e39c
434eae42f3e154fd3ceb705ecca6918803df24ea1cc3f7501d521d1950082592
4466e5b96ce9c662ce1559cbb3ff9a70486e18cd56d0010fb4e87edc03353473
44f702c12d937b18a6b2a9d7b458fc52ae9f7ef8f0953364f4890afef50c6d36
46cd86088be0377b1b66043dd94e7ffd54ec0b5b137f571804583b41407bfb15
472a73ac67b06edf3a559de2f57ec016cf67621194eca55d3e677a695760d62b
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47e7783348efca301d62f774049845580c55efdbc58e6cd431b1aa458ed40cd3
488173ba471fc6d0de44ed613bc5e730f90f20f01e56cf6c7118f3e286305d8f
488e3319c6241eb53a4e994ce490442086cca2ce20b89d8a5496365338e75f48
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a0b58a81e218558496204dd7ed5ea93bd5c127576754278e7daf04314183c84
4a45954282bf4a3ea6bf2ca541cded79d07a010ec75a02336ceb9857b481694e
4af08a523ab94ee2060496be90ebdb9938c20705055674e202c08afd1dbb0ac0
4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4d672cc24359d571abf8dcc5119abdc142d32039be9db93cf509f3d1551f1a5a
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e073dd0b33d9ad25f6fb171e72b24a69d39b8affbe17b44abb0fc5aeb44bd5e
500dd5fa9772f9c03fe09e2adc5f591a0eb4328fc0b7d094879406a67a675cb3
501705b6019b8cd5f638a6f9d1b1e16dca42df6e4dfad478b64b15a3474b0feb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cfd58f252af7b71eeba5714b4d83519841d20f15605e727389ecf92439a6c2
528a1dcdcf30d95a3753d0bd3a288ea0c71d0dd8f957832177a2892153e8ad31
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
554858059fd3e58c0a51e95189be5e42a2e7d7925bdefda1896871c5662f8919
55efb3609a5d358c131a01d7b78f26b3f2755b74a5bbfe073821a0f8772f42da
562e8ea09880829076aa6c8a9cf3b4bafe3453ad9519913232abe6e8184561fc
56a3168fb2dae89d7647585fddd51d1d9330cd0bc12746394990c309485f1bda
587b234b1819edd56fb28552f715b8d1c367a1dd28829d07c3678229c96e650b
59c0bb279c0e6c3df3477c78e2178e02143152df573a04bb5f986c19acdf8924
5bb126590c1302a68219017c48638d013e2b07f11cd1f26eb89061f7756cc7be
5bfea9c669311fa23a4bd9cb8a56c8061e419d1cfcbb0aaf4a2a05d440f9278b
5cb8a143faf9938c654f5268d70755f86dad8f356827bed0a1d23ba586f45dbd
5ce1102f198381080233adc8bc781e8bb702591af65ce45106d16ecb0a657a13
5df92e8be98817009e96448b9cccfbfca36b279be301b9ab9bd0cb575a72a86e
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
5eba5e9592f73b7fdc4f0ab5ed80846a2a5f30fba5a2ca3d3c13a5fe2c0108bc
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5f85ef7b04765a28b55eeaa3cb6132748c39ef3d0c33d2c9e8ab9b335c710e31
60c1961e8236404c583f6231ee1ca8a35a2cbe807ab76b6c436ff153a9a5f76d
60e38cdaa31f7917ce2e09309a7787a70541144e9d2fe8092f033da4c17dd4b9
61c5d1d62fbce85b2e74928b19024cd4b9ec0d1437dd91aa545cb03da1bf521f
62e996bf803f95f20c5922dfe391971a3030712956355e534de07e3b7ffe6c99
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63441494c4cddf875b946d5ce32444c95e2ad92761c590b64ed10fdefa20a8fb
63cdae97f11705b7c37a7bf76fd706a8449c07f5af20755a58108fc84aeb4665
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
643d1727c3ad39fc29ce91c443e7203af9ae9533215837b9510e7c9e5b62c8a1
650b8051c41dd8f2560549eec64e2b79eeed626e3fbb2affecd1f41d333e1c48
66ccbea6ed7166114e759e14cfd32f946301775a152e074d18e95d3bf58a1e23
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6878f813fc1db2b3c2457a82df28e18b03bdae514edeb3f70581a79f6aaf5333
695d47bca938a53f119707ed4ea6605b3f36e33cd3b2d2fae3e700b41b2976a0
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba1b3b429dd7cc8066709699bf25677d8f43f1097274f068a79f29f98c5ad84
6bcb4d1a1ffd69a8b12961e660acd1d1e0cbde69bb5fb15aa1301c4dfb9ebc3c
6c4235c8775c33af7f874cdb897cebb926a7d9219adf320465a2b28b76fad619
6c6c9da3267c9732d86c810eee43bf8f9ee16ebc80b713c136265ccd13e536b2
6cd6e79bcc9d139cafc60026063f5dc2665e4575a554ab0b3423a87c2e35df9e
6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac
6d568c0b15e59a48d37ee8935a215f97c97bb67d68508fea5bba25caa9bc1a3d
6e46ec09df243dde27c6ed2b200e5fe824c8c2a50bbd1252af0ec341ec7df887
6e72ea545abbdbfb27fd39d1843bc7fce97e359b27f95bb9b22ef54f1c2e84b6
6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf
7029998a38a47f1a3bebc97b418ac2de58506126004703bb8c63bbedfb1b39d2
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
736ba4d82138ce7fa1aa4e278bb2b36ea104a287bf10af9f11f521487f74d410
737b003b9e4cdc9ee4649f9dd2d76dae0ef18b93fcc9b6ff6049d4ecc1cd1c00
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74a202d67a9ca4ed59c57c9115ef120a464a3f08394f228d08a21d6a0d46ea68
75fbf308d9e8d55ad9a4cc100d61a4b69c50f9fe22193a944d8da7690f145feb
76cccf3fc40e7135dfac13135d69b1419d3d422622724d2e79c4d21639338f38
771b05dd40957515c7fa9ce2215997d175a66aa7fa3cb1dac3403563e3a8b2b3
771e433e8cfc1ba183e082cbf0764d60abef7d57ed7f0743da7b73404a1303de
78bb4b302af19918e52a7ab34a67ce5f889a845ccda9cd711fb1b37bedec6e99
798da0258ba56d3f41eff1c48ce6a86bed95d7490f651b0c813fcaa004abf547
7dd6c53de6a011b6b6b96a7c3bcc471fc63248171e0959d06f44bbb02f86180d
7f118c61473166b5046d8d29c4601d335755e4db5c0d9e6c5cfeddc7030d11ac
806038a5d73ae0e6879d290060d29135100d7db5d9138d03f50641ddbeb659a6
81b4ea2ff994d680f6f110390f5ac141da3d80e6d1131dcb8b526549f603a756
820cc0232bd6f3421c7dc32b45f917dca733023117d99b6b28c32f3f5d646ae6
8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85416302f7412a12dddded6856bc0c036699d2f0effbcb4081dc5f0a604c4fa7
85960a2431074b15081ab5b3278b0986ce29f45ef741964baf7e88f95185d9b4
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
889cb179cff0a67aef7369375f447f35a101bba70eeb933cdee74a8bf9c3ad9b
89c8dd84fd7ba4f4b230a39a05a2da16ba134d10a9a134587f4253e74b61beeb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0a7815133f59189081054dc99d66ecb08eae19c4b07ae3f075a54f47aacbfb
8a127d031674a6a1303c26c410c2afdfc20d82dfefca224ca9fed1a68c0312c9
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f4e0406f895efbe85d16c0f810f276e43733b11f66e39829809f0c9ad89afda
90ce058f239bc560e5a3bf80cc4189e54133f4af922b43a42d14b7e8afaf105f
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
9211661c792630e5849c7e52d1339af7443eadce3e368f53b1a5399b0f2011b9
939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3
94107238a1097b66d59ded9c22a26e793aaa854e8bd4f555e704aa23acb6b959
959c2de9ef4e68df841205ffea3a3d00820397105a70a345c3e42534b493c554
964768e7d4159d0914b81ba59d0227c5058920cd6f35a4b8b4823d18f229e207
9686c70679f1ebe2f3826834574e1f9697ec1f6fb7006020ac5565f2ccd626ea
96e7731384f461de6b204d873fcf90a7f140c482854c76ca748157362b5f1a2e
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
982ec3933fb7c1a8ab238f1950dbf3ffb69d4db56bb460dabc7a44e842a3257c
99a63f1d9ff8a96e5dde074f7d652e85eb731787bc8912ecec7a4f63779efa87
9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c
9c3e0fadb75cbf97cccd386c310ab5903ffeecbb4ffdbda27ba505c4d4c80d71
9c594ae44df5508149642ffa7f0e9de94638eca56f1140fe223d4d6647716bb6
9e982af209308e7331c4b6135b1acb2fed598e6c560daeb28e2d3f15d0fdb05d
9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f
9fa14a18d3e177edbec0626a0b30a83add2951fbce5b2f330006c03e1cc7b4c8
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0934548e5f0ded78ae4f9f90202b1a160a85e7a576a6acb5e621b006a6e5fe4
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a128270547b516ee0bf212c2d071200c1f0ad53b2fcc720bcae429588c89c124
a1aa2ed388e18d5ae5b36708bc94771a96eea3ed5233ee328454c38f121ca0d4
a1b4d1d003454e84ab44b3c1a4f072c8d73e34f48cc8a137170c567fe672650a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a55a157931b320c514e7c6231ec0d047868a742a643128b959ad32bd353216c8
a5991aff768a1baca28ae42a23222850eba7b0cb768734001f9efb1615bd173d
a7ad5bdeced7c3aaced28a25e2728cd72670ec680e8f28ee307326c5d5637657
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9c5fe5ad811584a80899a7f489257476ff32d809a712601439c01aba51958a9
aa1ef3e059b0eb9271479c468f33288388cfb75c05e24b0b2833c874aee49ca0
aa25ea0c4fba51600428c0799bd192848209633d14f98f5fd2288fff967ca38b
ab0f5f8dfb4407610b2dadf20e1b411f20a4826cec33d74b91f0fc38ad42d397
ad0f178353b2a2459c85ae633ece2ca2894fbcc9877ee2bb0e299882f3327c76
ade0cec2a91ae4aae71f648bcbe36d17d93058453d1f157870d4f1fc34f98c36
ae183002964e0bf129c31dd200c3084c970e2eecde9fc499c565f9b660d7c3ec
ae2f68abb9bfa138bae4523d36ea6e83a5c7411afd4f9e0632b822a4354f4a63
ae33e36171bc1a9aa4987fa814b70839760ae22d3d9622c0c820cfa245dfe4bb
ae34954bc1593d97d755ab8ac5acf74e525c5c2831e99c08aecc680de9618d04
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f6f22b5ef3af4359b0b3bff87cf72327d9e1ee48ae9f0b605c211116ff89e2
b24e2c45da540fe529b5cc6d049da0d7f2dabfeadc165d68b1b3ed28649ff713
b29a7e6882a46221d938d9c4352a77c8d29aa57608c8c7e89085f27bb846b3cd
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b31a62fffbfd70f029f3835476bbb23c4007bf26adbb23c09a1e64a2074ef6d2
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b70ee967ccb2e931a6fd504254c97ae86f6e88db785e72355e55b3d33bd0dafb
b86b5952ed94f8cd1aade8fb26c630f3d6e33def5d36e19838780595a78168d5
b9adf40f2d62a7ea105d6b36b53ca0228c603957a3dc4bc135df78f747c6e440
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bb72ca42d4baf6c0c798c3f3d8e49346e19cd36b7ae80ee38088b5e1a59d77c9
bfa5f6923b0b2e8f62cb090902d4047b6e94eb8e3800b5de7d0d54386ff2d070
c04b3558fcf6a45a803e0261a9597d93ad42de503b23fc2d5a5185258d660e10
c50e2ce6b368dceffa58437e184d0e15eff0f37ddf633791aed42d1014b44b9e
c5a75c466d55f6c85822ec277f69b61054a92503e37f7fb8349e4830376d7025
c631446d83ca7bbb74b17e51e2901089cd509bf3988076dc6a7ac8ac2d6727de
c69282e180676e29e0bab966954ba5a1f32bee3ed9822c09ab4324b5e9bc3877
c6a5c170d498102030103890bc96afbaf33ea3158e5a8aa077eeecbfcaccb083
c991e11f7320130365930976806365ac58537a0394e5a0043e9d93ce2a485111
cb1d1e8370ae75f80d60f936bd055c20fb1c75174a644c0805255a7bad1f25f7
cb9ce0adb5d29907315af3769e933e263ccb245bfb6f65c19847e7bc1c17a2b1
cbded92263d1f88b8c9f2e838ff9d7ea59a77c109ab4ccf93d9e9088c558476e
cd5844a01a38bc4b6ba9b1ade25de60b3e12e3326589b5ba5c58389dea3177a6
cd5dfa72330b9cecf543d271bb15a0f5b805e7ed4922eacf90b7cd2aa5c3d871
ceb49c32809338bb4ac8a28ef6f6450ff7fc165cda5245c79b70d1b46e768317
cef68c41ba328dd5b20748634ace248185cbda77d683c56e6cb10b613d6dff9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9c22a59942904bd94f6a3b732fef1124e26468f55517d124135ec349f2c098
d008d35685161b1269f1127535c40c992216b77db50b83b39de20b82962c0f8f
d03dc80c3d3f6af88d39db193c3a855a32549740475030804cc9716ca92e9410
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d15702440e2ebe50b0df1a4971628a43421fa5a485f397cbfa8adc2228b8f709
d248fce2ebb3a1129a2ae8a8f69c75ea2283a49fb5e6f8eaf2904d7585a10109
d279e228115ac5f5b52fe90dcb85478b70f9f94250c8859365a9a5c24c809094
d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9
d428a6498eaa6697ff4e9d7914879548b094bc26a1db70e07aacffc79c1ad505
d46fa60da32c2fd6463af739cc56a0f974b2c2f6e6ada292112389a63bf62f3d
d53be8cf6f3c9375d205f9f9a0b01dea95e68db3393e11be72aaeaadecbf5810
d59d724a432594bbc5d27dfc985649961012ed8534e0f69ab9a9a849afaf4cc0
d70c726b642ffc9d358d7d27f7f17c777097adacf3897c029fc671bc7ac51eb4
d92b8b93d130ce7a5985fb53086b748d83822cc675ef70af6a0d6bc2adb6fb36
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9d2c3ae3c9483122b414519f21eb64bc4f775c4fdf8209b08c7a56747ed50dc
dae614ef894f0918f6333e52adf3b278a0fdcaa5c973f74244e236b7d84a77b2
dca8c46dfc9d6da722d574c9d93921a49b9d88146ae9e9eca74907fd34078554
dd04a04712eb49ef1be630e2e19b41572db37335c2ac950de9fa999f1e66fdfe
dd3a27037d1fbe26c1b928fa186ff46b56532943f18e1434898169518a0ba4c0
de64c0461a696b282568fb287f889183e0adf629d05ceda7302cab249b3f99de
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b
e00b70e9a165e7e1bc39ba9d092d02099fde2e8607e543786f4e9bf00389e428
e1cd1dd59b3c716a09386be7adb007469b1358d9fa7b890eb434dc438340c12e
e3735aa5ed1ca88564211c1925a31fa8f2b1c336b263a8d3d791a998f7507095
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e496a8f239ace64ec13b1fd90c69660e0996c02a1b4b737850292d3a0792159a
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e59ba7b2e2e2179d2a10635d640554731087bf8dbef00f62f3c0b236561ce4be
e5a60e04185568a2e433a2b8755e91021f62ffc96c7ef7f11c5c8faea1660d48
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
eb394d9558ed252e12742251c91b95762e682ec74008b6dbe31f6fa16b60ae45
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6
ecc2434be745189be7134cce96088f203a93a4cbd5370ee41a3b28d61b231773
ed83826a35db57699b69f3a7cf9216396dd279d10671d24df8cddd18deb7d9e0
ede30e2eb3f4ae23af213841bb7952cf967b45fa1b8744ed3edb07e4355112ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61015e6fdcf3b0b733c6e1e0cb466b032c8a8e69decc3b20340e3eaac8a0e7
ef690c62ca9eebfac7642d9e8c8fd17bdf4413f4a61d2cc0b7d74bd0fb061381
f0486aac80f446bd8f22fe8623568a47f7a78c5592295c7a391a49d84e7935f3
f07266193eb15fcca2c5baf5ed049c09fdd57f3b421f2874bc0a0813bd58e516
f121d0424f09f3da47b8c24dd2f31b641158181dc570348087693b6d79df47d1
f174546b5275c04ef70ff98c058881464971de76cc7bc54bf174c04c28feacf7
f2026f7046f204c89714d70a88030164b1143c06d9f165ce72d093b0eb31cbe1
f2292ba78d159dfd68f04afe20349f461ebe2b848d99ea4884bf3b1d010a437b
f44f0002341a3560e2154719ff46f94dc63d9d7af51d10f87c04946dace3a517
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f58ca1f09ee0a00c2afc22fc1d30576c613dd3ae44c9a4aa9af5062fc21e63a4
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f809f9b0ad51b5d62f752e31a41ad4b8d23f7b9334f40bf7958eb2b15bdc0504
f8adf05dc6c6689b43d931ee770cbdc85f435d53421ebbd770c3eab4657987b2
f91b8723264d4c75f524ada8880269d8c0dcec12205e01b7c57d725b1f0824da
fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12
fb9457d06e83e5d4dcc04bcddc8f66966683dd61976221e10a893020e758fce1
fc7990c20b5405facbdd286ebe233a98e7a2362fe5790476209958bccd07bb81
fc8e8f530e3b004de5b031df970de2300f6c7690ab5071013bbb0c6b4c9ddbad
fcb61bde3081522669de6e33879f46e821595db94961ead57722ba55d1a1908a
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
feefb4ccbef7d5535599e69721a6b237e31db513991ccd32ec672958145d3185
fefd74bbd8df8efbc7a5198d160773ab7190846e3c14a6f4152ea759d43326c3
ffe84113442ad457d66e76b4b668d1f13dd2df120e78b6f004e46624f2e392d5

ofuxico.com.br Open in urlscan Pro 200.98.2.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

453 Requests

100 %HTTPS

46 %IPv6

50 Domains

80 Subdomains

64 IPs

11 Countries

6567 kBTransfer

12674 kBSize

5 Cookies

32 Outgoing links

Page URL History

Redirected requests

453 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ofuxico.com.br Open in urlscan Pro
200.98.2.62 Public Scan

Screenshot
Live screenshot

Full Image

453
Requests

100 %
HTTPS

46 %
IPv6

50
Domains

80
Subdomains

64
IPs

11
Countries

6567 kB
Transfer

12674 kB
Size

5
Cookies

453 HTTP transactions
6 data transactions