urlscan.io logo urlscan.io
SecurityTrails logo

saopaulosempre.com.br Open in urlscan Pro
2606:4700:3033::6815:50a8  Public Scan

Go To Rescan Add Verdict Report
URL: https://saopaulosempre.com.br/
Submission: On February 05 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 12 countries across 57 domains to perform 395 HTTP transactions. The main IP is 2606:4700:3033::6815:50a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is saopaulosempre.com.br.
TLS certificate: Issued by GTS CA 1P5 on December 30th 2023. Valid for: 3 months.
This is the only time saopaulosempre.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
61 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 2606:4700::68... 13335 (CLOUDFLAR...)
29 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.113.225 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.39 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.245.47.29 16509 (AMAZON-02)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 192.0.77.48 2635 (AUTOMATTIC)
1 2 2a03:2880:f17... 32934 (FACEBOOK)
3 35.201.123.184 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
3 12 37.252.173.215 29990 (ASN-APPNEX)
1 178.250.1.8 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 2a02:6b8::90 13238 (YANDEX)
3 5.135.209.97 16276 (OVH)
1 52.57.86.165 16509 (AMAZON-02)
2 7 51.89.9.254 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.102.185.99 396982 (GOOGLE-CL...)
24 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
9 104.22.69.131 13335 (CLOUDFLAR...)
3 77.245.57.72 36057 (WEBAIR-IN...)
1 185.184.10.30 203690 (RTB-HOUSE...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:1901:0:7... 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
11 34 172.217.16.194 15169 (GOOGLE)
1 35.214.149.91 15169 (GOOGLE)
2 198.47.127.19 3257 (GTT-BACKB...)
2 3 69.173.144.139 26667 (RUBICONPR...)
4 5 54.171.38.56 16509 (AMAZON-02)
7 9 185.184.8.90 204995 (RTB-HOUSE...)
3 3 3.64.234.178 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
3 35.227.252.103 396982 (GOOGLE-CL...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 7 2a02:2638:3::c 44788 (ASN-CRITE...)
16 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 52.223.40.198 16509 (AMAZON-02)
3 3 37.157.3.26 198622 (ADFORM)
6 10 104.18.36.155 13335 (CLOUDFLAR...)
2 172.217.18.102 15169 (GOOGLE)
14 2a02:26f0:280... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 54.155.202.187 16509 (AMAZON-02)
2 142.250.186.98 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2.18.160.23 16625 (AKAMAI-AS)
1 1 211.120.53.202 4694 (IDCF IDC ...)
4 2600:9000:223... 16509 (AMAZON-02)
10 2600:1f18:1ac... 14618 (AMAZON-AES)
4 2404:6800:400... ()
1 108.177.15.157 15169 (GOOGLE)
1 54.228.85.211 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.218.209.56 16625 (AKAMAI-AS)
1 23.35.233.56 ()
1 1 151.101.129.91 ()
1 2 3.75.62.37 ()
1 88.221.124.22 ()
1 13.248.245.213 ()
4 88.221.169.246 ()
3 151.101.129.108 ()
1 69.173.144.165 ()
1 2 91.134.110.137 ()
1 23.218.208.200 ()
1 52.31.236.51 ()
1 18.202.133.215 ()
2 2 34.98.64.218 ()
1 1 37.157.6.254 ()
1 1 2a00:1450:400... ()
1 2a00:1450:400... ()
1 2600:9000:245... ()
395 83
61    2606:4700:3033::6815:50a8 (United States)

ASN13335 (CLOUDFLARENET, US)
saopaulosempre.com.br
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
18    2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.denakop.com
29    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    18.66.113.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-113-225.fra56.r.cloudfront.net
c.amazon-adsystem.com
12    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2    18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net
aax.amazon-adsystem.com
3    2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
2    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    2606:4700:10::6814:e280 (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
3    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
3    5.135.209.97 (France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu
prg.smartadserver.com
1    52.57.86.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-86-165.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com
24    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
3    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.denakop.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ad4m.at
as.ad4m.at
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.blau.de
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
34    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    54.171.38.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-38-56.eu-west-1.compute.amazonaws.com
ap.lijit.com
9    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
cm.creativecdn.com
3    3.64.234.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-234-178.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2a05:d018:d29:3602:9cf8:b053:4a2d:7d69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
16    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
14    2a02:26f0:280:5::213:7821 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
client.bannerspace.net
6    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    54.155.202.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
pixel.adsafeprotected.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
1    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    2600:9000:223f:6e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
4    2404:6800:4005:814::2003 (None, )

ASN- ()
csi.gstatic.com
1    108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net
bid.g.doubleclick.net
1    54.228.85.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-85-211.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
6    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    23.35.233.56 (None, )

ASN- ()
at.teads.tv
1    151.101.129.91 (None, )

ASN- ()
pixel.mathtag.com
2    3.75.62.37 (None, )

ASN- ()
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    88.221.124.22 (None, )

ASN- ()
contextual.media.net
1    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
4    88.221.169.246 (None, )

ASN- ()
eus.rubiconproject.com
3    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
1    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
2    91.134.110.137 (None, )

ASN- ()
sync.smartadserver.com
1    23.218.208.200 (None, )

ASN- ()
ads.pubmatic.com
1    52.31.236.51 (None, )

ASN- ()
ice.360yield.com
1    18.202.133.215 (None, )

ASN- ()
pixel.adsafeprotected.com
2    34.98.64.218 (None, )

ASN- ()
u.openx.net
1    37.157.6.254 (None, )

ASN- ()
cm.adform.net
1    2a00:1450:4001:828::200e (None, )

ASN- ()
gcdn.2mdn.net
1    2a00:1450:4001:1b::a (None, )

ASN- ()
r5---sn-4g5lzney.c.2mdn.net
1    2600:9000:2450:3a00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
Apex Domain
Subdomains		 Transfer
64 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
366 KB
61 saopaulosempre.com.br
saopaulosempre.com.br
996 KB
58 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
537 KB
21 denakop.com
tags.denakop.com — Cisco Umbrella Rank: 207778
cpm.denakop.com — Cisco Umbrella Rank: 196633
349 KB
20 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
unified.adsafeprotected.com — Cisco Umbrella Rank: 1998
pixel.adsafeprotected.com
270 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
gcdn.2mdn.net
r5---sn-4g5lzney.c.2mdn.net
224 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com
secure.adnxs.com
65 KB
14 bannerspace.net
client.bannerspace.net — Cisco Umbrella Rank: 64702
183 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
eus.rubiconproject.com
token.rubiconproject.com
27 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
6 KB
10 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 8648
creativecdn.com — Cisco Umbrella Rank: 564
cm.creativecdn.com — Cisco Umbrella Rank: 10608
5 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5290
csync.smilewanted.com
static.smilewanted.com
16 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
8 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
1 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
2 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 77191
d.tailtarget.com — Cisco Umbrella Rank: 85710
b.t.tailtarget.com — Cisco Umbrella Rank: 67257
tt-11382-4.seg.t.tailtarget.com — Cisco Umbrella Rank: 325408
t.tailtarget.com — Cisco Umbrella Rank: 22918
23 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
89 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 33495
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
6 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
57 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
77 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
376 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
u.openx.net
1 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
sync.smartadserver.com
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
cm.adform.net
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2 KB
4 ad4m.at
assets.ad4m.at — Cisco Umbrella Rank: 41583
as.ad4m.at — Cisco Umbrella Rank: 29340
36 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
cs.media.net — Cisco Umbrella Rank: 1236
contextual.media.net
c21lg-d.media.net
10 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
3 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 805
ads.pubmatic.com
6 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29111
ui.cleverwebserver.com — Cisco Umbrella Rank: 30174
call.cleverwebserver.com — Cisco Umbrella Rank: 30865
58 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
at.teads.tv
4 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
r.turn.com — Cisco Umbrella Rank: 4167
869 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
60 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 blau.de
partner.blau.de — Cisco Umbrella Rank: 104015
772 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 70130
685 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 69927
633 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344
142 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com
733 B
2 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11423
612 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
3 KB
2 w.org
s.w.org — Cisco Umbrella Rank: 3198
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 351802
156 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
133 KB
1 smaato.net
s.ad.smaato.net
1 360yield.com
ice.360yield.com
199 B
1 mathtag.com
pixel.mathtag.com
457 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
1 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
464 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
149 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 158806
303 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6518
408 B
395 57
Domain Requested by
61 saopaulosempre.com.br saopaulosempre.com.br
34 cm.g.doubleclick.net 11 redirects b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
googleads.g.doubleclick.net
29 pagead2.googlesyndication.com saopaulosempre.com.br
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
www.googletagservices.com
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
saopaulosempre.com.br
imasdk.googleapis.com
18 tags.denakop.com saopaulosempre.com.br
tags.denakop.com
16 s0.2mdn.net saopaulosempre.com.br
s0.2mdn.net
imasdk.googleapis.com
14 client.bannerspace.net s0.2mdn.net
client.bannerspace.net
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net saopaulosempre.com.br
securepubads.g.doubleclick.net
tags.premiumads.com.br
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
imasdk.googleapis.com
11 ib.adnxs.com 2 redirects tags.premiumads.com.br
tags.denakop.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 dt.adsafeprotected.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
7 creativecdn.com 7 redirects
7 onetag-sys.com 2 redirects tags.premiumads.com.br
tags.denakop.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
6 cdnjs.cloudflare.com s0.2mdn.net
6 gum.criteo.com 1 redirects static.criteo.net
tags.premiumads.com.br
tags.denakop.com
6 www.google.com 2 redirects tpc.googlesyndication.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
5 csync.smilewanted.com tags.denakop.com
csync.smilewanted.com
5 ap.lijit.com 4 redirects csync.smilewanted.com
5 b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 eus.rubiconproject.com tags.premiumads.com.br
eus.rubiconproject.com
tags.denakop.com
4 csi.gstatic.com imasdk.googleapis.com
4 static.adsafeprotected.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 www.googletagservices.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
3 pixel.adsafeprotected.com static.adsafeprotected.com
pixel.adsafeprotected.com
3 acdn.adnxs.com tags.premiumads.com.br
tags.denakop.com
3 c1.adform.net 3 redirects
3 rtb.openx.net b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
3 pm.w55c.net 3 redirects
3 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
3 cpm.denakop.com tags.denakop.com
3 prebid.smilewanted.com tags.denakop.com
3 imasdk.googleapis.com tags.denakop.com
imasdk.googleapis.com
3 prg.smartadserver.com tags.premiumads.com.br
tags.denakop.com
3 fastlane.rubiconproject.com tags.premiumads.com.br
tags.denakop.com
3 c.amazon-adsystem.com tags.denakop.com
c.amazon-adsystem.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com saopaulosempre.com.br
2 u.openx.net 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 googleads4.g.doubleclick.net saopaulosempre.com.br
2 fw.adsafeprotected.com 1 redirects saopaulosempre.com.br
2 ad.doubleclick.net saopaulosempre.com.br
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 pr-bh.ybp.yahoo.com 2 redirects
2 cm.creativecdn.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2 image6.pubmatic.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 partner.blau.de b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 as.ad4m.at b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2 assets.ad4m.at b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
2 b.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com saopaulosempre.com.br
d.tailtarget.com
2 bs.yandex.ru tags.premiumads.com.br
2 www.facebook.com 1 redirects connect.facebook.net
2 s.w.org saopaulosempre.com.br
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 www.google-analytics.com saopaulosempre.com.br
www.google-analytics.com
2 tags.premiumads.com.br saopaulosempre.com.br
tags.premiumads.com.br
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net saopaulosempre.com.br
connect.facebook.net
2 www.googletagmanager.com saopaulosempre.com.br
tags.denakop.com
1 s.ad.smaato.net csync.smilewanted.com
1 r5---sn-4g5lzney.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 cm.adform.net 1 redirects
1 ice.360yield.com csync.smilewanted.com
1 ads.pubmatic.com csync.smilewanted.com
1 secure.adnxs.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 c21lg-d.media.net contextual.media.net
1 token.rubiconproject.com eus.rubiconproject.com
1 eb2.3lift.com tags.premiumads.com.br
1 contextual.media.net tags.premiumads.com.br
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 at.teads.tv a.teads.tv
1 a.teads.tv tags.premiumads.com.br
1 unified.adsafeprotected.com imasdk.googleapis.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 tg.socdm.com 1 redirects
1 cs.media.net 1 redirects
1 cms.quantserve.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
1 match.adsrvr.org b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
1 r.turn.com b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 mug.criteo.com
1 x.bidswitch.net b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
1 t.tailtarget.com
1 tt-11382-4.seg.t.tailtarget.com d.tailtarget.com
1 prebid-us.creativecdn.com tags.denakop.com
1 call.cleverwebserver.com saopaulosempre.com.br
1 ui.cleverwebserver.com saopaulosempre.com.br
1 tlx.3lift.com tags.premiumads.com.br
1 prebid.media.net tags.premiumads.com.br
1 bidder.criteo.com tags.premiumads.com.br
1 id.navegg.com tags.premiumads.com.br
1 tags.t.tailtarget.com tags.denakop.com
1 scripts.cleverwebserver.com saopaulosempre.com.br
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.de saopaulosempre.com.br
1 stats.g.doubleclick.net www.googletagmanager.com
395 111
Subject Issuer Validity Valid
saopaulosempre.com.br
GTS CA 1P5		 2023-12-30 -
2024-03-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2024-01-17 -
2024-12-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-01 -
2024-04-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
assets.ad4m.at
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
client.bannerspace.net
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M03		 2023-09-17 -
2024-10-14		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh

This page contains 51 frames:

Primary Page: https://saopaulosempre.com.br/
Frame ID: F5A48EE2DC23CA8E0F2E77449BEF501B
Requests: 171 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: BC52C7F3859192C55B81A76BBE491C15
Requests: 1 HTTP requests in this frame

Frame: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADB2D8120B346177A00AF1E37A40C9EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9092257803572239&output=html&adk=1812271804&adf=3025194257&lmt=1707155031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707155030885&bpp=3&bdt=352&idt=299&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2725489267939&frm=20&pv=2&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C44798934%2C31080818%2C95322183%2C95324155%2C95324161&oid=2&pvsid=2646966041291721&tmod=359673351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 4A44B9F7D4FF35B96AC19211E17170AD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D239458762882232%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df64a9666e6042f6e5%2526domain%253Dsaopaulosempre.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsaopaulosempre.com.br%25252Ff699106f328b06665%2526relation%253Dparent.parent%26container_width%3D300%26height%3D287%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdanielperronespfc%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D287
Frame ID: 1AD9537C2A45D6DDC1D5D29B5C8DABB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72CCDAE68388B8ACD955A02689C1C92D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2E610DF108E6272C7C09B955B2A0FA4
Requests: 2 HTTP requests in this frame

Frame: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF4922AB5A2BEEDC966935E71F612320
Requests: 15 HTTP requests in this frame

Frame: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A71447F2FE9D290C364147F64787EAE6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A81B8CF4A318F1E6B82F91CE617351FC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8DDD28764DA8B592AAD37D9A2CC1C03
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 537868185C47E43B78E1D7F916713FBB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6673308F3C6A99FE13AAD4BBA2B52184
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=saopaulosempre.com.br
Frame ID: 8F0C0725A2C7B1FAC6DEA32411D56FD6
Requests: 2 HTTP requests in this frame

Frame: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED02E4E2DB18E50891CF428C6BD7D877
Requests: 27 HTTP requests in this frame

Frame: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F84790E4FED8C2B51E2215866E884017
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Frame ID: 52C5D6E87D0B5033FED11CEEDD4E6AED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Frame ID: 78ABE5E408C3AA098B8512C4F48C1D04
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00A2E02EBB5AADDA62B896D9821AAA34
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F47D39C08FD1AF1E97F0186B0585310
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Frame ID: F75985CADC29C62CF921B1D99B3D480F
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C61594AABD20E40344B650B5774AB529
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BEDEF34B501A2FBEF985201096FAA6E8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Frame ID: 0E0110E993789485390E871AF8C07A53
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4A2775F1DB6B60B1921F687D574C9749
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Frame ID: BBF4EFFCB8E7ED8DE22A7F771B782660
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A09C618B97EF39D721460E8E18D866FE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FCC1099BA0A57125BEAD1F13F790B91C
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4F002938CF896D3E082A68DBDFDDCFAD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4618A2A179FB5DD200F4E09BA4880C72
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707155031485
Frame ID: 6237B4DA0A610FEA9879E2CCAC3E330E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 079BF67C6595BBB23A032B8F47A8657D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 27C4E2B4B30E5A215CAF753050CE869E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 97AC3826241B423358CEC41083AF65B8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707155031989
Frame ID: 895AE8E8F05A49F3DF1326AD3C2CEBB0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 796242ED70859C9512DCBD3844D26BEE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A1B8AC2BFFD479B125B9C5B4226A69A1
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 12023955A6054563B7C4C539230CA3B5
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: CF1403C2632194F3442598AE5D64C9D5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/4507727447006430603
Frame ID: E4DB344D63565478927C37C599A8B1E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Frame ID: 2D5694D9DA3366AD8C0C70156ECE1A66
Requests: 8 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 4F94F23EB32C4CEA4C452E5987F07F08
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 08E52725C5DCB6ADD311B14A132DB1A3
Requests: 2 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: A3C0FB848B5B0FADC28371B956987CCF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/179e36c8-797e-45c6-802d-aa5bc6cb7a72
Frame ID: BDCDF0B2D80978C80DF1CEFD461C7861
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F1100A168D8F97B47B775DACA8A86A05
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 13AF49E2A3DE6EE977F7E3AAEED88F74
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1201246404494015642
Frame ID: 8B228E4C487756193B31B4655E5E00E3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/6a4b1883-fdfd-4ec1-b7bd-188cdf0c56ee
Frame ID: 7A8BBD32E7D1C8A9374D3164524FDF58
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 63631AC23D8A0902FCCDF0E5915F320A
Requests: 3 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Frame ID: 855690C45A0305E381EFF4587E65A920
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Blog São Paulo Sempre | Daniel Perrone

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

395
Requests

90 %
HTTPS

45 %
IPv6

57
Domains

111
Subdomains

83
IPs

12
Countries

4513 kB
Transfer

12496 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=239458762882232&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df64a9666e6042f6e5%26domain%3Dsaopaulosempre.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaopaulosempre.com.br%252Ff699106f328b06665%26relation%3Dparent.parent&container_width=300&height=287&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fdanielperronespfc%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=true&width=287 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D239458762882232%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df64a9666e6042f6e5%2526domain%253Dsaopaulosempre.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsaopaulosempre.com.br%25252Ff699106f328b06665%2526relation%253Dparent.parent%26container_width%3D300%26height%3D287%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdanielperronespfc%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D287
Request Chain 177
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}}&cbvp=2 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}}&cbvp=2 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681921X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Request Chain 182
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}}&cbvp=2 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}}&cbvp=2 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681919X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Request Chain 187
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoAlXuY_lS7rFH3ZDiAGkE&google_cver=1&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7nMqa71ivTlleJ2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7nMqa71ivTlleJ2
Request Chain 190
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJeCfnY2MOtWOHavbqpmXg&google_cver=1&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFGkKH2OorLBzylXOMt83ybR91sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFGkKH2OorLBzylXOMt83ybR91sA
Request Chain 191
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71&google_hm=IHKnAGZHLSjECmypQa-YTTTW
Request Chain 192
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGiHUWFVHC9Ao4sanWf7c3M&google_cver=1&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKKpoi-vXyW6CeLUC8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKKpoi-vXyW6CeLUC8
Request Chain 193
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS9CToB5QRbUf7hMVC6gZEZq6yGm903LkRe5c2B3ACx4r2F8VaFWYSzPUWu9q0Sbo-a4KHXFcLpsCGnbh6DgKpc_MTqxSrN HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS9CToB5QRbUf7hMVC6gZEZq6yGm903LkRe5c2B3ACx4r2F8VaFWYSzPUWu9q0Sbo-a4KHXFcLpsCGnbh6DgKpc_MTqxSrN&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS9CToB5QRbUf7hMVC6gZEZq6yGm903LkRe5c2B3ACx4r2F8VaFWYSzPUWu9q0Sbo-a4KHXFcLpsCGnbh6DgKpc_MTqxSrN&tc=1 HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc1qzw-DIa37QcrVPsmk3XwQyRBTeNEA3okq9E47zKZU23JM7JZh1yI HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc1qzw-DIa37QcrVPsmk3XwQyRBTeNEA3okq9E47zKZU23JM7JZh1yI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc1qzw-DIa37QcrVPsmk3XwQyRBTeNEA3okq9E47zKZU23JM7JZh1yI
Request Chain 197
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmkTg5fk5q1l0GWg HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmkTg5fk5q1l0GWg&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmkTg5fk5q1l0GWg&tc=1
Request Chain 198
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDUny11NTICbDVF25ASiCJg&google_cver=1&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPaPrVzX4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPaPrVzX4g&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJeCfnY2MOtWOHavbqpmXg&google_cver=1&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7xaBQ6FPu7wIWVyRu1oR1VqbRtZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7xaBQ6FPu7wIWVyRu1oR1VqbRtZQ
Request Chain 201
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw&google_hm=IHKnAGZHLSjECmypQa-YTTTW
Request Chain 202
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS2J9YujTz8Zry8VVGYSRfCo-sFsJYQdOhB4gkc3snHhvaCca7IWPTcXbZDYcNk79YxmaEYdYgHisndqaIf7ohbeCEr7s_B HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS2J9YujTz8Zry8VVGYSRfCo-sFsJYQdOhB4gkc3snHhvaCca7IWPTcXbZDYcNk79YxmaEYdYgHisndqaIf7ohbeCEr7s_B&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS2J9YujTz8Zry8VVGYSRfCo-sFsJYQdOhB4gkc3snHhvaCca7IWPTcXbZDYcNk79YxmaEYdYgHisndqaIf7ohbeCEr7s_B&tc=1 HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Request Chain 204
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 211
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=saopaulosempre.com.br&sn=ChromeSyncframe&so=0&topUrl=saopaulosempre.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RWylBHx3MHBDcnM1Zjg2dWlNbHRJYjJuWmtkbGcrc2U1aW5lbkRQWFpvbFFQNVhaTjNCcUc5Zm12TkowTlV1R0k3UzVBS1F3L2kwNE9FRFcyUjNDa2VldFBxVUdOL2wxZXBlWDFRb2NKZjNCc3RmWDlsUkRyRWdOVXdoQ21jbGE5OGsvelhOQkY2QTJrcVduS0Y4VFVGZU9XZDhwQ2M1endEeHRoQWVFOEdySGwyMDVFVVJZbk1iL2Z4aERYSHR2RmorVjVwTjl1ZXBSdlJTWTI3Z3FMUkZkNDNHdVRDZnBTTnJTdDVJY1U1aE0wNHBQak4xdXo4R2E1dDdLWU81V2hsT2NpeEFOc0RoLzcvRXpCUWhqeTdpUXBzc2dwMjVzSW9GZ2l5YXZoa2dyL1JoOD18&cppv=2
Request Chain 232
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1&google_push=AXcoOmQb4Q9YwlFWMKdDzHEbNq-gfnqwwYM8oEZ0GNGVTk1pDooiC3M8yntI2ZvFtIYtgSnKQDVC9j9HTXn-neECLwbiH2eS1dowcA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQxODMzMDk2ODM1MjIzNzk4NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1
Request Chain 233
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoAlXuY_lS7rFH3ZDiAGkE&google_cver=1&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXdLVIlrYHVPVEEHVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXdLVIlrYHVPVEEHVA
Request Chain 235
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmRYRM0JpPASQ1Cx0g_mXC-8o9RDuj-G8pMHv37G1FxO1yDaTAffzhHc0_0javgkiTAy-rS57C3ibcQITSSRf1_vQNsZWRILeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmRYRM0JpPASQ1Cx0g_mXC-8o9RDuj-G8pMHv37G1FxO1yDaTAffzhHc0_0javgkiTAy-rS57C3ibcQITSSRf1_vQNsZWRILeg
Request Chain 236
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDUny11NTICbDVF25ASiCJg&google_cver=1&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5UjxCHiN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5UjxCHiN&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
Request Chain 237
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCPDi5DhljZTiIS7BplnDq5Bg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCPDi5DhljZTiIS7BplnDq5Bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCPDi5DhljZTiIS7BplnDq5Bg
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
Request Chain 243
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcEeWj91O-I6C7pV-tZH4gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
Request Chain 245
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcEeWvsLnnKaTUyv7xM0mAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
Request Chain 249
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
Request Chain 274
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmQkUcW6TCMHS3VFVW8HF5ZvtF7g2-FBUfB7QvBSOy-x3zZ1NehMEtc4dL1IaVtL5sOtUWqQJMglobPpVLS2_KpRacP92EgdfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmQkUcW6TCMHS3VFVW8HF5ZvtF7g2-FBUfB7QvBSOy-x3zZ1NehMEtc4dL1IaVtL5sOtUWqQJMglobPpVLS2_KpRacP92EgdfA
Request Chain 275
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3Bd5MrB0r4AP6Iyebw3sYnEx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3Bd5MrB0r4AP6Iyebw3sYnEx
Request Chain 277
  • https://cs.media.net/cksync?type=g&google_gid=CAESECLFI_mydSMbdKgsYhnhOnY&google_cver=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7RlAqEVapqaNdEwKyIOSGpZT7QAo5lNkmIez3ZgEwah5i89ONEpq2YnR-K6uEbRxqEyvE2zQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&mn_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7RlAqEVapqaNdEwKyIOSGpZT7QAo5lNkmIez3ZgEwah5i89ONEpq2YnR-K6uEbRxqEyvE2zQ&gdpr=&gdpr_consent=
Request Chain 278
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAaksdaXT3AqHIpFtNSruDg&google_cver=1&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow&google_hm=WmNFZVc4Q281c0lBQUZZejVvY0FBQUFB
Request Chain 279
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGiHUWFVHC9Ao4sanWf7c3M&google_cver=1&google_push=AXcoOmT5A2p7jCc1X92meD6wuWwvyV87zjheHp-CbsCThtksKr3S-YfyTRpckdsUopBoQFLkAQ9ojBMturyQwMYG4MzdATWqPcnvLgE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT5A2p7jCc1X92meD6wuWwvyV87zjheHp-CbsCThtksKr3S-YfyTRpckdsUopBoQFLkAQ9ojBMturyQwMYG4MzdATWqPcnvLgE HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 296
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019497/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20833644696&bidurl=https://saopaulosempre.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0haLAaHxh7Us16bu_B2z5Z5&adContainerId=brand_safety_Wh7BZaabIuecjuwPs9232AI&cbFunctionName=goog_wrapCb_Wh7BZaabIuecjuwPs9232AI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fsaopaulosempre.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fsaopaulosempre.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ddf25ce2-94d2-f838-4f7b-843f547ccdde,c:3ndlrI,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8bdb8bf7-w8vpf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:21bcab90-c44e-11ee-aeca-1a30a5168129,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Wh7BZaabIuecjuwPs9232AI&cbFunctionName=goog_wrapCb_Wh7BZaabIuecjuwPs9232AI&true_pb=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=86276150865 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=86276150865&google_gid=CAESEOigC_t8s6L5nu4JErSh-W4&google_cver=1
Request Chain 339
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=8f8565c1-1e5d-4a00-a698-905c54bbe850
Request Chain 340
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 367
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 368
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4507727447006430603
Request Chain 383
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/179e36c8-797e-45c6-802d-aa5bc6cb7a72
Request Chain 389
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1201246404494015642
Request Chain 391
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/6a4b1883-fdfd-4ec1-b7bd-188cdf0c56ee
Request Chain 395
  • https://gcdn.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/127196E49D3D648DC6F7BC6ED152153C5BF9D59F.65C374BB937991DD97A9368BCF9FF1D45A8AA82C/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23E9881066901742E2DCFC2844EB12B9EBAD8828.3200BE3DDE18D4AD919686AF60B548C643011F1A/key/cms1/cms_redirect/yes/mh/b9/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-4g5lzney/ms/onc/mt/1707154660/mv/u/mvi/5/pl/59/file/file.mp4

395 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saopaulosempre.com.br/ 		203 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88edd30c6506ad79fed51572f6c049987018d2c7f661429b1651fd54644d84d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1838
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850cf53a4abf37e3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:50 GMT
link
<https://saopaulosempre.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ngx
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0cVq7Rv4vO5xaYd3lMPTX2nobVLN8Bf7u60AsDIIeq6QelE8Egno1z1T0J6Nuv2WPlQdd8dMpI4RMwcWE2ZR48pnMTgGQ4c0fZjlLotuxpPiuOJimbDuQA9EXXqb6BwvaOAmuROD8jGNg4mhushNIU2dgU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish-v4
x-cache
HIT
x-varnish
563938081 563348063
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 16:39:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 17:43:50 GMT
sbi-styles.min.css
saopaulosempre.com.br/wp-content/plugins/instagram-feed/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2428388ee7fb9c89fdfd1191a1fb4a45794d7fd64777ecfd9bc4c06052a17522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211264
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Jul 2022 17:26:19 GMT
server
cloudflare
etag
W/"62d051bb-5fb9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwE1Uhv0VMboWxhFhpZ9JwIq8KgoUqpxtknEQNfg8cLeBJIQIvhvCv983Rq6zag8cFvJRdzn%2BlNnTRBW7pbibMSdFMrYUv0SttVfU7vbXVbmw5MR2lvumZX7Pq5A7ZbAJQw%2FeTzRXYctCDl0tZ0ORsbEpA4%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
500400559 499811270
content-type
text/css
cache-control
max-age=691200
cf-ray
850cf53cde2937e3-FRA
expires
Tue, 06 Feb 2024 12:47:24 GMT
style.min.css
saopaulosempre.com.br/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173439
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Jul 2022 17:20:50 GMT
server
cloudflare
etag
W/"62d05072-15b64"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8DnUyrYICmCFiiMC8BOU8dFO3F87YDtlrvpMB9ARjz92ZZehQ22cecWZoFrChoND5RR0MJGOJp4uqnYQkebjRJ6cNNtDECfS%2BeigxczuQSyEsCFS%2BMVdNSeINA4Jzjgakup3UIOgCq08OOgqmqaRJM5z24%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
919636560 917769416
content-type
text/css
cache-control
max-age=691200
cf-ray
850cf53cde2c37e3-FRA
expires
Tue, 06 Feb 2024 21:47:36 GMT
public.min.css
saopaulosempre.com.br/wp-content/plugins/easing-slider/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/easing-slider/assets/css/public.min.css
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cccb6838002cd6a12dcfc50d70fe06e84819d122f28979cf76a29e447abd860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111075
x-cache
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2016 07:32:45 GMT
server
cloudflare
etag
W/"57ff389d-256d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0QfphmrqDqtOssB1KfTrkE03jwmsgnKDrkVAxYzm2EFlFXMAv5ZU2HkeVfEeIEEWubv%2BeyXgBvaItjqozAHzP%2FZOnNeBLGwC0R6WSIA3kbZRi%2FaMFWYMIn267zCiIYq3fLCT%2B4ZHN%2FStKCSZnvm%2F73aOXg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
533823914
content-type
text/css
cache-control
max-age=691200
cf-ray
850cf53cde2f37e3-FRA
expires
Wed, 07 Feb 2024 16:56:57 GMT
polls-css.css
saopaulosempre.com.br/wp-content/plugins/wp-polls/ 		2 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/wp-polls/polls-css.css
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211264
cf-polished
origSize=2708
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 14 Jun 2022 22:45:40 GMT
server
cloudflare
etag
W/"62a90f94-a94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj2rR2C8LaYnwHewYfSjigiVksJpksLDIxafkNKQOlNBPR9bdhcu3T3aPsDCE0IbhjafruVc0VEsKrVG4hKwik%2F6tzgUUQqNPNtuzJP50%2BTVJ4WQjzgAGNK2i1%2FqcKVCL4z6KoW%2B5DEicf1vsA8GqfMhUso%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
500498434 499876115
cache-control
max-age=691200
cf-ray
850cf53cde3137e3-FRA
expires
Tue, 06 Feb 2024 12:47:24 GMT
css
fonts.googleapis.com/ 		15 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C700italic%2C900%7CRaleway%3A400%2C300%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd22c354039ec6a21aee9483944052ce2887afdd91ff28ab1c257323e1454f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:43:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 17:43:50 GMT
plugins.css
saopaulosempre.com.br/wp-content/themes/desativar/dawn/css/ 		191 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/css/plugins.css
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69796692b3f5728b0c446c2cca56183413b6308d4bca6ef0b338f4d58642492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211264
cf-polished
origSize=211990
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 24 May 2016 10:47:20 GMT
server
cloudflare
etag
W/"57443138-33c16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ5paeBOtDPLE%2F4LbKAkIQUm2MJLhPglBBNp%2F%2FaR87kJwOBXgnlUxveCpka%2BzU6lNkUX3DlV8CeIzIEmvC4seQirvmCb4aIabmSido9nyQqFSxhvdKI2iXzAY1%2BX0wX83F4ATqEcitHbWP3ZxzkhaeCDuiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
500531202 500105273
cache-control
max-age=691200
cf-ray
850cf53cde3237e3-FRA
expires
Tue, 06 Feb 2024 12:46:05 GMT
css
fonts.googleapis.com/ 		2 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A700%7CLato%3A400&subset=latin&ver=1664299252
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76a2174a975d02037d4e37ad681d006dc94260e2ea03f881c6f9bd486a5af30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:43:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 17:43:50 GMT
jquery.min.js
saopaulosempre.com.br/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/jquery/jquery.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173439
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Oct 2021 08:19:28 GMT
server
cloudflare
etag
W/"616a8b10-15db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfoVbzoxjXjY1Ydz%2Fx7e3BWhIJ2zMfjXtHOSkYy9pxaRmg%2BE6KHYi1%2FC2Xpjttbv%2F2nEtO6ooXuYjswfi9s%2FUVIMbZ3Fewv21Rj3oM01CY%2BU%2B5NbyE6IFTZUnTDY%2BhFKpaUFvlhk5HBgYwTmnHy5HFWbO8s%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
510754907 510066788
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53cde3337e3-FRA
expires
Tue, 06 Feb 2024 22:45:10 GMT
jquery-migrate.min.js
saopaulosempre.com.br/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106584
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Feb 2021 22:56:13 GMT
server
cloudflare
etag
W/"60382b0d-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUM7Na1tl2ALMP6SVjxSWxGMi6tr7wtXsvkXkig6Ulwp2JSB6Tm69j%2BLOueQuxrQbpiJwCSYJ5ZRbeCs2nT1OQI7C6lDnTROISY65AiRZONDbph%2BFn20vfSXs3TxZrrXvG8%2FaMk6%2BmUXEOD0s5hruB4o6dQ%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
277152033 276758630
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53cde3537e3-FRA
expires
Wed, 07 Feb 2024 17:29:42 GMT
public.min.js
saopaulosempre.com.br/wp-content/plugins/easing-slider/assets/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/easing-slider/assets/js/public.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08592fdd12a80535dd739321c6c7e5ba034e4484fa3e94af31d08a594c8c23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173439
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2016 07:32:45 GMT
server
cloudflare
etag
W/"57ff389d-63bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdnHnAlC3rUiccXlutb3X1ls4OYQJHasejG2pNEuKLW%2FCfqUV55qcJ%2FIJOOhYOPtG1UP2lNdrvMg%2FHDqC7vvYqevheUARcmwcARuFlPRuqF4RuplsjmIsg8AqRO71WE%2FB3%2FCxQW%2B4ByTHngHnxRgMrMG8qw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
920944847 920518791
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53cde3637e3-FRA
expires
Tue, 06 Feb 2024 23:09:04 GMT
js
www.googletagmanager.com/gtag/ 		261 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GY97Y7QLVF
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb5103d393fd3f1ac2aff5e8357c6fce538959568f866351501976877e55943e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90383
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 05 Feb 2024 17:43:50 GMT
denakop.js
tags.denakop.com/10274/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10274/denakop.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0946e97d18b3d73c5a4bff8b8e178d3d9f641b19388c358776b7bbd14ef996d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 26 Jan 2024 16:12:05 GMT
server
cloudflare
etag
W/"65b3d9d5-b4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf53d99291e4d-FRA
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
saopaulosempre.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Jun 2022 23:08:29 GMT
server
cloudflare
etag
W/"62a914ed-48b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8I%2F6hSm4OayL9ASwyEyLyvRQe1Aa2xHH6JV46vrzbvQck%2BJSd0aqdQ%2FRuESQktCYwfHcKHlchQ8lAZw9dX9O6esTfhu5t20nKVS5hOgl9JkxSRVcA60ICkFXkuifp3Np7Ula7TxziowUTID3vh7kVLicWs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
101417047 99287103
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53e2d066540-LHR
expires
Thu, 08 Feb 2024 00:48:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb03a01f43c31173ceb6d6378595d4558ec77c915232c73e9e4e3a6f6ea7b2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51312
x-xss-protection
0
server
cafe
etag
8301333875793546557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 05 Feb 2024 17:43:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e71f0899f5341e2da555c00868289b87f58f570b7709b9f671c1fda9407f2763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29762
x-xss-protection
0
server
cafe
etag
737 / 19758 / m202401290101 / config-hash: 6362903219897359044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:50 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb6fa007a49268170bf0ced434ebff9279787e4e1d18f9d927fb27e9f1fb435b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:50 GMT
content-md5
tj3jZAGVrd+WYUvs9ElpZg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
JN6LNBHXRSjVr8p/L2W3a+I7/gIDKfmwVJiPkGbu3anXGpGop6DktK3bEoND6/YGa1gcCw2XQWR0PvwlLsmQnQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5f1ce05953b6f4f7a12009179d821f77
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bd500474d77eebe822430441bc876407"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:58:32 GMT
LogoSaoPauloSempre2022-1.png
saopaulosempre.com.br/wp-content/uploads/2022/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2022/09/LogoSaoPauloSempre2022-1.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcd0d4b30f43dc84bcc16b2fcc0adc23c7447e16e7333fdfa3cb7c6d5fd7319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269678
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
10812
last-modified
Tue, 27 Sep 2022 17:20:30 GMT
server
cloudflare
etag
"633330de-2a3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap4SVWcRDZl0hgKZqCcFd4fUNS5ZfKy7xA5xfreqIn47zFnmUuuFrbas7U%2Bf7x2EjCbB1YTfudU0eWq9BKYfi%2BHPZzFoG7WPH4DPveoibEDEmkvgbg5ZSjm79TD%2FAXalQ8KheX7Z44d6bCFK27Gyfz2Gig0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
977502624 977338618
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d096540-LHR
expires
Mon, 05 Feb 2024 20:15:14 GMT
e-consulters.png
saopaulosempre.com.br/wp-content/uploads/2017/02/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2017/02/e-consulters.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58413f33709c38ce5106719174e4d8e76079f6de21cf3f78bb89c0c2383f6d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4438
last-modified
Tue, 23 Oct 2018 01:36:58 GMT
server
cloudflare
etag
"5bce7b3a-1156"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CMGQkariZEnMHYe4pV046OvSgbhuaOiyx0GxGhcZnbd3uWslmHcQaM7TnT7Bg%2BSh0QpMUOBv6tbIywpKdz9ipi5Uiza%2FgMed6iS%2BA5wc9vHguxbbbRmHNS8MnptI0GyXh00R1B%2FCiGa1TyRTtFw6Gy8PD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
546930971 546373766
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d0d6540-LHR
expires
Thu, 08 Feb 2024 00:57:24 GMT
f.png
saopaulosempre.com.br/wp-content/uploads/2016/10/ 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2016/10/f.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c04e87a934008bdd15561b3ae66208d2158dcd6444da7d08b9c9243572e4a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269677
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
928
last-modified
Tue, 23 Oct 2018 02:19:45 GMT
server
cloudflare
etag
"5bce8541-3a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD7PcsxG8bJ338TLDLdnoIqpha2Bdq2S8sqybod78s0xTKqz7SbZZGPqpWRMT9mPyuN99ojm4i01vaLp4j0X3zxsocvKsLGR1Tv5CfuCiRsGvfZgSFNzCNVJUToBSqfGQhSxfE6%2FAYhIAa%2BeihCDQQa2lBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
102662304 102465630
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d0f6540-LHR
expires
Mon, 05 Feb 2024 20:18:00 GMT
twitter.png
saopaulosempre.com.br/wp-content/uploads/2016/10/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2016/10/twitter.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342184a71a265fe1e1c7b13a4ef81bfcf1766232345b635d028bf2e94e7e814b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121565
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
732
last-modified
Tue, 23 Oct 2018 02:19:44 GMT
server
cloudflare
etag
"5bce8540-2dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOyLinVuXrZsj8j1ClTlTkMNhVJM2Kh9covBvLhM%2FzCg%2FlV6Dv2JRLM6pVqRpfkOavCAWmVBUmPxEvCRi1VLjTM10X4INJG%2FNI4gSjM0VdsRtaOH6yud1zgfczJpn1MfdtwvXc7L4agdaTmy7skwRup4u%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
358875960 359432250
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d126540-LHR
expires
Wed, 07 Feb 2024 13:54:16 GMT
insta.png
saopaulosempre.com.br/wp-content/uploads/2016/10/ 		860 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2016/10/insta.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb292093a6067785b74fd156d5ac5fd6b50ecdf7beab1efd8aca433ded06f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269675
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
860
last-modified
Tue, 23 Oct 2018 02:19:44 GMT
server
cloudflare
etag
"5bce8540-35c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ixG1Nu5vNw9b1AHex46w%2Bc1JXp3rNxDxfyrqXdLy1llZo050CYy8fMB5JS9ISmqqKbg6%2FZCs%2F2ZNu6884PSdn2xp0Fkl2oaLAmL%2B48jbMaDqJu2LbjDSkE3aFbvTBj4JAu%2FTnQ0%2BetJ7HesPKoctPzjzJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
483788193 484376580
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d166540-LHR
expires
Mon, 05 Feb 2024 20:18:05 GMT
email-decode.min.js
saopaulosempre.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b94449-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFPXyDA8KWwTQGso82SCxl33f7z%2FLp38FkP2cR%2BSpwYMQm12khpw4XH%2FDJ9Bgw63FkI4E5zwo6%2FMJJe7f7YKnJ4K8QDMWvUMhsNYViY%2BpPcXoyZHRKY6%2FmPCtgKu6abXG7f0K3quTyxpjJU6Q1pOSuSsA9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
850cf53e2d196540-LHR
expires
Wed, 07 Feb 2024 17:43:50 GMT
Slider2023Blog-1140x257.jpg
saopaulosempre.com.br/wp-content/uploads/2023/03/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2023/03/Slider2023Blog-1140x257.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efddccb8806d487e1da840f7c55a3e404b15f40692b158e2f8a9f919837f48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
122626
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
223193
last-modified
Wed, 15 Mar 2023 00:13:20 GMT
server
cloudflare
etag
"64110da0-367d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z92sZE4fpdHvIJmzBs85WDRRJiZTavZQJmkMCWSbnwl53cehyB6PKW%2FjCI3ud64PNECHya%2BLeiVKL%2FRnWg6A7ovDOXFmuFPOr3jyAZ2NaE910iN%2F8q0gJZUOQuBWIERgUouRxTlTf1y5IlzLGyDh789rJtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
47350062 46465334
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d1b6540-LHR
expires
Wed, 07 Feb 2024 13:31:37 GMT
barra_loja_Blog_Desk-1140x124-1-1140x124.png
saopaulosempre.com.br/wp-content/uploads/2022/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2022/07/barra_loja_Blog_Desk-1140x124-1-1140x124.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3e2bdd62203723c67aefa446357bba0d495d36e20ec1220ef291d3a4329399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
13585
last-modified
Thu, 14 Jul 2022 17:36:29 GMT
server
cloudflare
etag
"62d0541d-3511"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG5vzCxe%2BpunFfKuleTcSdFsITePBSwu0Cc4aDx05AM3KqLwFYEr8mDGKPP4%2FoR2CUSmK5OaQvsi802F69JauwD0pVo5qXnjSyGqiSOvcJFSxeedPpSBV2CpyrFQh5UniSDG0GVgetzjuf7XAGIs7jbOceU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
76218380 75694378
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d1e6540-LHR
expires
Thu, 08 Feb 2024 01:25:00 GMT
barra_loja_Blog_Mobile-704x175-1-704x175.png
saopaulosempre.com.br/wp-content/uploads/2022/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2022/07/barra_loja_Blog_Mobile-704x175-1-704x175.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be259b5e461f86279a2fe2ef83d418b9f81a27a2951632328cd9b2b57f237f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269674
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
13771
last-modified
Thu, 14 Jul 2022 17:36:29 GMT
server
cloudflare
etag
"62d0541d-35cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDkhINjvXI0W6sDwPK4sTlFbuQHFkGMrKvs9OVjXJJqxfQmxyTZ8kV4oFaMCMzBiqQf%2BeOFptU0%2FKQt%2FZ6PRLP1G%2FI0V%2F8dY6NOznvDcEtMbWhkrh9hqG9tPuFDgel%2FrTqBQUoB8RL8uedGNSjVK8LPP3fQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
355434578 353140843
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d206540-LHR
expires
Mon, 05 Feb 2024 20:18:08 GMT
daniel_perrone.png
saopaulosempre.com.br/wp-content/uploads/2023/03/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2023/03/daniel_perrone.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3aa3ad406b8a2f48a38bc92e441c8dc3dfa456a0be2f3959150c22d7454fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91111
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
93644
last-modified
Tue, 14 Mar 2023 23:13:08 GMT
server
cloudflare
etag
"6410ff84-16dcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvlaS645jZQ0kdojITulO35ODkR7dHtSs02MhY6l2ILsMI5ZcRsfDhhhtfbNrpR%2Bu%2BKJjfGLK3ZbB4mZajmIyFRcjKI5%2FSPfTz%2FefZSGx%2BMNNJ7REsCMVyxb3U8gkac6KrL1wBkrMeiQtvtEz9l397kAy%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
455704612 454099059
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d226540-LHR
expires
Wed, 07 Feb 2024 22:15:53 GMT
05-02-Di-Maria-80x80.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/05-02-Di-Maria-80x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852b5fa76c4b875659cd9294c84bce92b0a16d98c17a4488a7cd6fd13c58a62a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24135
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
3448
last-modified
Mon, 05 Feb 2024 10:52:41 GMT
server
cloudflare
etag
"65c0bdf9-d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r9gt9s4qf1dWTCj6vocM6Mch9MJ0vCOYv5KgOJabOMrSAjcZM4suilM%2B2fnbFFqURDre6BPS89Ugpxa0sdPDaV76Sv1Wb37YYIHUqUY4m8rfxOkW0Wvuruc3DbZ723%2Fa%2Fbsb272%2FrK24I0r4ahwUrW81ko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
555384911 554303888
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d256540-LHR
expires
Thu, 08 Feb 2024 16:52:41 GMT
05-02-Supercopa-80x80.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/05-02-Supercopa-80x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
606aee1d2ed41b0cf2255daceaa2dea7c4234deba6d744b725382ba9fdfcd7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24135
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
3423
last-modified
Mon, 05 Feb 2024 10:27:14 GMT
server
cloudflare
etag
"65c0b802-d5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSS9FXR4t0Qc2bCkI6ZIyPr3JFzSAaQ1Rq6oUfeYhFq83zt9jxL8O4eEfbSUBXvl6GfogDHRluawK0f1tXcncK6%2FQW2NOSi3a%2FYggvArBbg%2FuoCZkrRPz0IFI3FyQ15r7Z1IeQ3B83bYBLUEc7LooSOWhCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
555057400 553059584
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d296540-LHR
expires
Thu, 08 Feb 2024 16:28:24 GMT
23-01-James-Rodriguez-80x80.jpg
saopaulosempre.com.br/wp-content/uploads/2024/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/01/23-01-James-Rodriguez-80x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e839cbca64972608f103b7e75d5d207d31eac477d79ac43e3c950fb5897bd23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145197
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
2897
last-modified
Tue, 23 Jan 2024 14:09:53 GMT
server
cloudflare
etag
"65afc8b1-b51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXtJHBP%2FMTDxJ%2F%2FYcFbXE0b6T7g9A6ZTBKWYZDvOnGAwSi8owbB%2BBbT%2BwyCaogqryDRSZoFIIFJaqE7udoAB3hRmIJV7xiYPEZoM%2Fo3sCJYxWQHwasXVeroPmvbv4q0R9h4iLgqrOmKgN3FbMtMPdk4pGuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
518521306 516883413
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d2b6540-LHR
expires
Wed, 07 Feb 2024 06:49:31 GMT
omelhorspfc-120x80.jpg
saopaulosempre.com.br/wp-content/uploads/2016/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2016/10/omelhorspfc-120x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb69e9b5855c15185db603068a44a2c1d64dbb66c09c5a3b1fb8bae82234a2d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247462
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4911
last-modified
Tue, 23 Oct 2018 02:17:22 GMT
server
cloudflare
etag
"5bce84b2-132f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CALMAGhBUk1ggbvGfqnS5BzoDlNplzWAWzg4AUaenMRkc4KJvXzvyGeZl%2BIF79Hl4cwEHX4rb6JgaX7ZpS7MHFKbwK7RN0gdS%2FhJlQcm%2BXbjMpTE6vOIe1P09%2FPN52uGnSW2w7btLKExyHpzOx01G6EhXEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
490210298 490832193
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d2c6540-LHR
expires
Tue, 06 Feb 2024 03:02:02 GMT
pergunteaoperrone-120x80.jpg
saopaulosempre.com.br/wp-content/uploads/2017/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2017/01/pergunteaoperrone-120x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f69bd47a2192ccbda9ea4e83e3702d2526cbf0a06bd00422943ad72d287ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269673
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
3221
last-modified
Tue, 23 Oct 2018 01:37:24 GMT
server
cloudflare
etag
"5bce7b54-c95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyL8JuXSJisNmxobZRgD2KQKFbrN%2BGMR6Z%2BI8gNYlDFSbIp9BN10uQPIPqvs78slT1xPNk8XkrTEsGJePrstbjI8A%2FAdeYBIxdTej7Zrpe2WK8S6WWVdWM4gghkrPkb8OUCqVBuYOFDLDubhUD4NHZqr6oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
358088766 357138610
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d2d6540-LHR
expires
Mon, 05 Feb 2024 20:18:09 GMT
opiorspfc-120x80.jpg
saopaulosempre.com.br/wp-content/uploads/2016/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2016/10/opiorspfc-120x80.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921fc1cb23f6ba7d78fd875b24278f87a6bfd454a3ab8bd50f13659a4878f162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4576
last-modified
Tue, 23 Oct 2018 02:17:21 GMT
server
cloudflare
etag
"5bce84b1-11e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQBtK%2FLSSftPHf%2FmVlnoR9bYerOAEbcMnA93XFWzVrqLMXqmZcnJMvJNt2M3cZF1OawR%2Bema8RMtznx%2FNDJdOB0G4OGesOIkOzlpNKp%2FwpYrAJQp928NsCkkk93TlhcMrV3hx07EoynfV7%2FGsSpHBXwwK8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
359628885 359301127
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d316540-LHR
expires
Thu, 08 Feb 2024 00:48:25 GMT
loading.gif
saopaulosempre.com.br/wp-content/plugins/wp-polls/images/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/plugins/wp-polls/images/loading.gif
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269673
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
771
last-modified
Tue, 14 Jun 2022 22:45:40 GMT
server
cloudflare
etag
"62a90f94-303"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuPkzdoNVHiTGvNUmmBQ02a2iFy5S79UOn4qzKcXBkXAmmQwfHh61%2BsIJSOEDzFrCrtm4bEVKLfLE7RYLSB0B7IsUe0xnESM8NXzXVNhu268RjZkahJMIz1uM8rdH3BvlarCzZEAqZMm7JLPCLDyBz3NwB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-varnish
357695571 357269511
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d336540-LHR
expires
Mon, 05 Feb 2024 19:28:16 GMT
placeholder.png
saopaulosempre.com.br/wp-content/plugins/instagram-feed/img/ 		176 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269673
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
176
last-modified
Thu, 14 Jul 2022 17:26:19 GMT
server
cloudflare
etag
"62d051bb-b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG7BEkK5vOabwu7CeUY0cwfEzggV%2BaDiAB4MXcMD%2Bfiqvy%2BxPe5xzTaxQsbmuEEbafw53om%2Bb3ZNFZjOs3cG%2Bummv%2FoF78FZ8e9MiTkebAQMfGaYy2koAiY7Fk0Nsi1jScAPK3Xpj1yWlhUqUFx05U1kkgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
358154471 357826644
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53e2d366540-LHR
expires
Mon, 05 Feb 2024 20:47:09 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 06:10:26 GMT
x-content-type-options
nosniff
age
387204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 06:10:26 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C700italic%2C900%7CRaleway%3A400%2C300%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:52:13 GMT
x-content-type-options
nosniff
age
514297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:52:13 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GY97Y7QLVF&gtm=45je41v0v891076116za200&_p=1707155030633&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1110527849.1707155031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707155030&sct=1&seg=0&dl=https%3A%2F%2Fsaopaulosempre.com.br%2F&dt=Blog%20S%C3%A3o%20Paulo%20Sempre%20%7C%20Daniel%20Perrone&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=708
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GY97Y7QLVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GY97Y7QLVF&cid=1110527849.1707155031&gtm=45je41v0v891076116za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GY97Y7QLVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GY97Y7QLVF&cid=1110527849.1707155031&gtm=45je41v0v891076116za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=769499862
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=3ad273f940cc7f4fdb8d6a2b6d2adce6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09a38c5f8d7cd6a9811194e9cc6f8bf6a4201a19c9f03fd06ae53d9f36a66fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://saopaulosempre.com.br/
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:50 GMT
content-md5
7JX95sr0xklq6Wp/snabtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88511
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
MNEvtqlVgzu7xLI7SMZhJL0uj0LM5//MiQeyofrnTFv4tx5UDBrot/FCglMyCo2INIRXCQTgf9gCJG0CCHtZqw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fb3214ce025aba86f4a6dcb796568b81
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"27348b0e38ea97cf568a5406d9fb798b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 04 Feb 2025 17:38:32 GMT
prebid.js
tags.denakop.com/ 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:24:20 GMT
server
cloudflare
age
1720
cf-polished
origSize=330936
etag
W/"651c1604-50cb8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf53e9a7f1e4d-FRA
alt-svc
h3=":443"; ma=86400
saopaulosempre.com.br.js
tags.denakop.com/10274/ 		257 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10274/saopaulosempre.com.br.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1ac0f8728135949ccd376c1dc7a3d73b06c636c48b8d798f3ea26d9ac041c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 26 Jan 2024 16:12:05 GMT
server
cloudflare
etag
W/"65b3d9d5-40241"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf53e9a831e4d-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		286 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:47:03 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2024 21:58:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
3408
x-amz-server-side-encryption
AES256
etag
W/"e27d9780852534fd18cbcc0472fcbb38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
n7NsdZ-T7XzY8aHBivWHadkecAmOfI5eAxs7Xj5yuXYHBRF5Nl79cQ==
fontawesome-webfont.woff
saopaulosempre.com.br/wp-content/themes/desativar/dawn/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/css/plugins.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/css/plugins.css
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
83760
last-modified
Thu, 26 Jun 2014 12:27:04 GMT
server
cloudflare
etag
"53ac1198-14730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1EyMGMqNDO5H0bHtlpkJ%2B6X7OxCXpmXSRdeJ2d8NkHmH9KiQCzpEtT02iMV1OzfB%2FwchuYZEzN2ovN%2BuIMNNigqERp8zkVeTValTmU7qn1ftjo%2FMOLxanprMpRuzilFublqMoNQF%2BLlt%2F4gzgIo8erYBCo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
359694338 359366989
content-type
font/woff
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ebe126540-LHR
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C700italic%2C900%7CRaleway%3A400%2C300%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:59:23 GMT
x-content-type-options
nosniff
age
513867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:59:23 GMT
05-02-Di-Maria-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/05-02-Di-Maria-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82ff3024bce5fead7bd9619f5a31360dd32797b26d2be7c33226cdd22688cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12504
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
27153
last-modified
Mon, 05 Feb 2024 10:51:10 GMT
server
cloudflare
etag
"65c0bd9e-6a11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BrYSWz72PWzIkR44sDpXqlkRTpCwqGPfjcLOsjJCSzMFN2cuIsvcrLWAD5%2B%2FBpFXRVZB9GENSSOeKFwaTJgUHBiVS48%2BNORWP3bfH9Ro1RzPmlVUJE4rrpl8rvv9btB3enZzkO04qXxBUVVbueh1y%2FP%2FZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
560759011 555684061
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece4d6540-LHR
expires
Thu, 08 Feb 2024 19:23:33 GMT
05-02-Supercopa-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/05-02-Supercopa-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b3daaa61685fe71f1f9caf9f2b21060ebfd75f7258414b9d4ea4a2ad230d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12504
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
34382
last-modified
Mon, 05 Feb 2024 10:24:23 GMT
server
cloudflare
etag
"65c0b757-864e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtnkpApGLMt6D0gPNe4CVZ8wD2G6zonhDD2yAmggArTT0xRj5XnC6qxTZS%2BIhuyzLShQNqpWkbOI4jJVANkk9OxEDuOsJk9%2BRcQSEBx1aVqp7W9YI5Eg5XqKWTfOkm%2FqXXdlELvhX4x64%2FEUkj2YCzhHGp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
560267880 558858244
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece4f6540-LHR
expires
Thu, 08 Feb 2024 19:23:33 GMT
23-01-James-Rodriguez-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/01/23-01-James-Rodriguez-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020fc19befd100a715158fb63545cf6fbc994d25b87fd1938decf34ba105d4a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
122627
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
22437
last-modified
Tue, 23 Jan 2024 14:05:36 GMT
server
cloudflare
etag
"65afc7b0-57a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKDL5HY7ymexaUfvzPc5cSZLvD9krsb0OdESNTUZabbP6Shgee%2FeQfXyqoj%2Bnu%2BbeXpRBlWZFmVQppU21zRo4ksbfn8avdsRtVFKTsSDaCQOXWZ5m1MWox6C8kQVTG8x2z1TQPwdVCgk95V2Vzovr8r81GI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
240943991 240223358
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece516540-LHR
expires
Wed, 07 Feb 2024 13:02:06 GMT
03-02-Delegacao-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/03-02-Delegacao-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4b8106f605bfbe43d801ffd58d96430765d55ca91dffdc558cb363628d5ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
122624
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
24456
last-modified
Sun, 04 Feb 2024 00:12:48 GMT
server
cloudflare
etag
"65bed680-5f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3aK5W0Q%2FOE1tOa2m5nwiPMubhyJTn6ued2%2BKZ8enYtzqj2cclEFuGjAXfntII6H34XIE9b7uBk2rcMX%2FSR%2FMsURJpyO43wbliy3RJtX2ot8Szrl7HokwttnSoTjhUKNrfY0Xgx%2B9Y%2FAV7JfkIU7wcWHn8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
531431940 530972898
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece526540-LHR
expires
Wed, 07 Feb 2024 13:02:06 GMT
02-02-DOC-Copa-do-Brasil-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/02-02-DOC-Copa-do-Brasil-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e04f8f77882cebcc508ab28d2b6e94c11d8b1d017d3f8922c5b2664270f03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240593
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
35872
last-modified
Fri, 02 Feb 2024 21:00:27 GMT
server
cloudflare
etag
"65bd57eb-8c20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZW2bCHSbb%2B2%2F7KjJlIoMIJK0QdnO84Nj2sl9qJNbZH53omrmW2Pz6N2kqupSwRoPxDU%2FSgLpBu5Ef0W41xdxGxUr9SuGVnEuqpEHMXVdVTPrjb3Qx%2Fx2ex5uGChTl%2FarI6GDS%2FYpQmE%2Bu2nIWmDhIw3%2BNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
492667306 492798147
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece546540-LHR
expires
Tue, 06 Feb 2024 04:43:15 GMT
02-01-Supercopa-2024-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/01/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/01/02-01-Supercopa-2024-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851348109aea9bd57a267a0cd4d0ee802ec76376ed70ab581bfd6365bd9eed4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240593
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
30139
last-modified
Tue, 02 Jan 2024 10:49:28 GMT
server
cloudflare
etag
"6593ea38-75bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4I6Qyo%2FlkMeKzCyLzgWmWi1MyaG4w28LKdSOQB2d7M97jE4mTTIlBYOh9%2Bl35ijHDsE4OQIfqrSvtAG63VTuxIGv0aV7jGdtRkbfRWwWhHrp5GKYaEocGhcFt%2BE3TkYjJ4fWW0lOU%2BkmIq99uuqIjRdI28%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
492994667 490767637
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece556540-LHR
expires
Tue, 06 Feb 2024 03:45:39 GMT
01-02-Braulio-arbitragem-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/01-02-Braulio-arbitragem-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d6fe78190e9724c074698373c733dd1da9cc99741d038d3af26ddf990d95e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
19811
last-modified
Thu, 01 Feb 2024 20:03:21 GMT
server
cloudflare
etag
"65bbf909-4d63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ94uqrdyIVQPMgoshD35KB6C7l6svGfO2%2F03qEvfk25UGqZgQ9PODB1DGH51uSpeBL1lhTWDc5n2IUDH0x1FqWal72Vr9aqwasiylMgokTcQXMYKwxH5wxw3lEDvcWSNzTTHo%2F6qjdxSuy4OgMLz%2Be3Bps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
478970552 478544882
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece576540-LHR
expires
Thu, 08 Feb 2024 22:41:38 GMT
01-02-Thiago-Carpini-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/02/01-02-Thiago-Carpini-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04bcd9047ee800dcf9186dea5f40b2024e9724915246d495d6816020d7b87a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64133
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
19424
last-modified
Thu, 01 Feb 2024 12:21:19 GMT
server
cloudflare
etag
"65bb8cbf-4be0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9cRguDhtSmhiwYnHTz16sQlBnn9Ke%2B127bOelYeAEPd2J5fAr4BkXx8a0dq9fIs2YloMbf2fUNWQKwJz8inrZzggzpmZpe78fJu0wVv%2Bz%2FwqevuyrvPc%2FzoVbpgQJzixBN%2FxKdkqnTXElb4qsrl4y7tv7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
461308585 461275195
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece5a6540-LHR
expires
Thu, 08 Feb 2024 05:11:18 GMT
31-01-Julio-Casares-300x350.jpg
saopaulosempre.com.br/wp-content/uploads/2024/01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/2024/01/31-01-Julio-Casares-300x350.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ca3e795519863b8983e55b87d92b232073a0cad024e6bcf66b6266bb3f4ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
17744
last-modified
Wed, 31 Jan 2024 15:04:32 GMT
server
cloudflare
etag
"65ba6180-4550"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7bYcUrFpyookfvGpKN0VTnTEGZIb9Si%2BsBPKbGFxL91H5EquVKMMH0ebNpWCiMZKlXbbjQidYcMvjHX%2BAxsB%2F%2BwAYO3b%2Bl0pTJywIYx%2BC5F5X54k6DwjWeSA6P4KWhts89Gx71NLOkJ%2FGxAFmybPLarn8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
461897845 461242970
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf53ece5c6540-LHR
expires
Thu, 08 Feb 2024 22:43:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 15:42:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
7263
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 04 Feb 2025 15:42:47 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092257803572239&plah=saopaulosempre.com.br&bust=31080818
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ffe85c64a45df61f7d5fdd8b52d94a246833eab3c67e7730a961d9ddbb17470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140961
x-xss-protection
0
server
cafe
etag
11105397810785610336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:50 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame BC52 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 15:36:22 GMT
etag
3890843268177463596
expires
Mon, 19 Feb 2024 15:36:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2bb0a508-595f-49a8-87af-9e3915fc9884
config.aps.amazon-adsystem.com/configs/ 		773 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/2bb0a508-595f-49a8-87af-9e3915fc9884
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
4e1ace936d6eca410ee9b40a573613ca3473143705087f3a6c6cded95afdc4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:37:01 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
409
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
773
x-amz-cf-id
4Ekf6etUomTZCwThE882Rm6UUDvC6rWIEB6iuUHV9UmO5vD_UDIgYQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsaopaulosempre.com.br&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:15:36 GMT
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
12494
x-cache
Hit from cloudfront
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
lnbQRBGJXlbllYI1g0sDkryhV6jLjF3PBnQRPa0Q-jIpWL9rosWFKQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Mon, 05 Feb 2024 06:28:59 GMT
x-amz-cf-pop
FRA56-P5
age
40492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9C-AUaW0AAU1w-CpbuXG0b-0988Gx7fpahyO3178aObqhV09CxMYMg==
6642bb1c-e72d-4075-82b3-ff7e31f73438
tags.premiumads.com.br/dfp/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/6642bb1c-e72d-4075-82b3-ff7e31f73438
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9694254a7f0b7e9dee5054ca758f1a380e046c2a5d986993746c2f989f9703ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj
minify
last-modified
Fri, 02 Feb 2024 22:53:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVwxRaeUUYIjn38i1XdgaDwcV84lq%2BfNdGQSl5ng6Xn8I2D4UdFwtMOYro91qyXy68rIodADY4kWKM4spoZpmWBYdxk5uN%2FMGRA27sa%2BDUPa8rRc4bi7cvn2wXvgDYeN5gSTw%2FygcFz2O4ACVrbDPq4T7ns%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
850cf53fb8ab9bb3-FRA
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:30:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
788
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 05 Feb 2024 19:30:43 GMT
jquery.adrotate.dyngroup.js
saopaulosempre.com.br/wp-content/plugins/adrotate/library/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b1f799832f72d861b8bd51c2f91f45c7a8b93b99912923b8c4154aa37f1383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
cf-polished
origSize=2221
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 31 Aug 2022 12:52:28 GMT
server
cloudflare
etag
W/"630f598c-8ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpaZrB7vTwnTcMeVTdEKa8CWZTdl%2BSP1a3v4P3efPp6FiGUt0e6KeoplalXliDWuv6BCZs2ttnKRNuSFdByVSDrXkeSBhVyKafur3OOuloOOVho7JLXCeWNU1Poa6n9MZF0UBx%2F9iHmdLZMoHqCGMUMvqN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
365920281 363430530
cache-control
max-age=691200
cf-ray
850cf53f8fb86540-LHR
expires
Thu, 08 Feb 2024 01:10:18 GMT
jquery.adrotate.clicktracker.js
saopaulosempre.com.br/wp-content/plugins/adrotate/library/ 		199 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269677
cf-polished
origSize=365
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 31 Aug 2022 12:52:28 GMT
server
cloudflare
etag
W/"630f598c-16d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUM5bEkplgJ%2B6KDHz%2BpNI2d4J4ZEVO4eLn7%2Bx%2F6HxVzHNPlk3Tka6qJSkmnYG6FRASdo7IeaM6NrhU3caOZtu4aEAseBdrBPJN8bJZTaQJdUW%2FAjmwGq0G%2F%2Fs9tzmTLumbszm7CNo%2BbXmca36dLkhvf%2Bn7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
348815500 348357657
cache-control
max-age=691200
cf-ray
850cf53f8fba6540-LHR
expires
Mon, 05 Feb 2024 20:15:18 GMT
page-preloader.js
saopaulosempre.com.br/wp-content/plugins/wp-performance-score-booster//assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/wp-performance-score-booster//assets/js/page-preloader.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf4f4ddae375313291c3eedd801f3ca958722b9deac2b73824ef92f08571999

Request headers

Referer
https://saopaulosempre.com.br/
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269678
cf-polished
origSize=2841
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 18 Oct 2021 19:00:49 GMT
server
cloudflare
etag
W/"616dc461-b19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYTHGwFDWzuWKlQlw8hMlwVnLPbRcnvqhXX262FmNrgkNOsufJzBCKeY7075Tabi058D7OpocwB6tNO0cjERiEQosoBw4kJEZ0q4T%2FNXSm1nIylAxyDBICgkPTDlpF7M5cu2UVtQTcCtiK6kh6QHV%2F1vDXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
45843174 45678595
cache-control
max-age=691200
cf-ray
850cf53f8fbc6540-LHR
expires
Mon, 05 Feb 2024 20:53:14 GMT
polls-js.js
saopaulosempre.com.br/wp-content/plugins/wp-polls/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/wp-polls/polls-js.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 14 Jun 2022 22:45:40 GMT
server
cloudflare
etag
W/"62a90f94-caa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZdwt82sfYNg53LDq6Y6nIA4SAQRMxIEO8M2aQZM6QMDaO4UMMhnsEuyJ%2FGZlzmWF%2BESTd05x%2Fy%2F9J6iB1hMrRljCvW%2BkU7XJ6uzU%2FlHfEs88o%2F9g5GloO1fFmlOOMqhcQj74dKF1n%2FFTVi5%2FCce1mELSYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
616466600 614862308
cache-control
max-age=691200
cf-ray
850cf53f8fbd6540-LHR
expires
Mon, 05 Feb 2024 20:01:23 GMT
mediaelement-and-player.min.js
saopaulosempre.com.br/wp-includes/js/mediaelement/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Feb 2021 22:56:12 GMT
server
cloudflare
etag
W/"60382b0c-267aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuJ0lWpRY3Cjfe6FDazt%2B2banKGhFEXJDpcwkq47Vw3JFuOgEZBkwz1QI0AjGFe52jhRtZ%2BlifzKHclCWCspTuK5iC4GfbAqjDJrRpUVluB2PQWIxkGFFbBwNJSzjSrR9JJ9xI9q22ULdZjZa0DTkHI9r5Y%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
483820635 484573736
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fbf6540-LHR
expires
Mon, 05 Feb 2024 20:53:15 GMT
mediaelement-migrate.min.js
saopaulosempre.com.br/wp-includes/js/mediaelement/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145198
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Jun 2022 23:08:29 GMT
server
cloudflare
etag
W/"62a914ed-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzZgQkarmQPl2mkR00NxCb6fHZ9GkX7IvpNOtPup%2BLVuRZyvv8MnNpC%2B%2B5h3zVvIMlhbTpR9pTamxkTn3r72wX1ZrXUGFaS%2BlYN0krcudCYtQFIczgXgaPcswAA0ygYNoM2%2BunQuGyI8pBF5R9EUZ3t8wLE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
77792840 78414265
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc16540-LHR
expires
Wed, 07 Feb 2024 06:52:37 GMT
wp-mediaelement.min.js
saopaulosempre.com.br/wp-includes/js/mediaelement/ 		906 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Feb 2021 22:56:12 GMT
server
cloudflare
etag
W/"60382b0c-38a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYYYRgj4fJY0e9cHVYr6f8qVWz6%2BRal0gUXjmJ15%2BwOw%2BeqDg3JEvp%2BUuPLDPx7X2Bq5B1KKu25uqACHf2%2Bt0oeAp81ubnbRWKoWeXJb7GmEAQ5gxTvL2IdIXtZMkTOHtHRTF3ubbDIk4SZSLLH501d0nr4%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
45646450 45220186
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc36540-LHR
expires
Mon, 05 Feb 2024 20:30:31 GMT
jquery-ui-custom-min.js
saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/jquery-ui-custom-min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e202217830fb832191f247b468b1c0e7e0239c1c34c6277ef9e6f7821da117c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 May 2016 15:40:38 GMT
server
cloudflare
etag
W/"573200f6-6fb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwLxef6IBLu03fqRRHWDRa8Xx4CbrLZN82X%2BHc8%2Bg0e8q%2F8ROMBSYjLEvY2WCxqYqOSqPs7mDO%2FYaqWjoi0p4%2Fa2IlNFdDFHI2LJoUHCULANbenG6hd%2BuqWG0YEf%2FenhH2bYOAd%2FAEEtHpSw7sP9rd%2FtIzc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
483820637 481462627
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc46540-LHR
expires
Mon, 05 Feb 2024 20:01:23 GMT
jquery.flexslider-min.js
saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/jquery.flexslider-min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f011bab6555ffd64e70fdf76e8bfde14de2a7388c96b17a57a880903875fbb89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 May 2016 15:31:43 GMT
server
cloudflare
etag
W/"5731fedf-5747"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSpTcgX9xJOlsNB3lSL5C3PhI9BaNEabZC3UXXc0lAHZh1yfDPYD77EzcS2kz848VDa8%2BMOE81TKeUgblJuoAsg%2B2CWUAq0nnbHWGJC0iJNms5pvaaGSRX2JcUf19%2F08y0%2BEf087j8xHs80tJVubNEJaLBM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
359465205 358809707
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc56540-LHR
expires
Thu, 08 Feb 2024 01:10:18 GMT
jquery.masonry.min.js
saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/jquery.masonry.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562d938405afa2d5bf5f0fd2fcaadeb183f068700cc85ff97fc283f05261ce03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79774
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 May 2016 15:35:50 GMT
server
cloudflare
etag
W/"5731ffd6-5bfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3y14nnGaHmY%2B5lzRPhv9pv1kCgQuctEgLxNryBlrUbJVyoZLdm%2F%2FjNwmTepTDAXCDOzhRQwzd8yjCnT7uSgWIVwyj0bdWTNxTg9FJ7quLK1E4J%2FNnNficAsx6m%2B7O2EY%2BPHish7dJL9rc8XGwtiKkE6mJM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
188088483 187269833
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc66540-LHR
expires
Thu, 08 Feb 2024 00:48:24 GMT
script.js
saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/themes/desativar/dawn/javascript/script.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122d56342a183a18016bf84ab4bc0c3a712f8b33993554181eaf1b9b172d493e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
cf-polished
origSize=2968
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 May 2016 11:43:06 GMT
server
cloudflare
etag
W/"57346c4a-b98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEC4%2FJgAhi%2FoOp7pYzgSQ2TsLTfb5ra%2F2bby1P8zOMwqgkpS9304nXUmDqLPSsUlepRNORcI1NDOO%2F8O8vLlml%2BosggrWVNFaVPs29PsXKa7PI4IGEByZabs7WGNPnnoXmEnjS4lei4GxUVRfOtrI2kmxCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
962659059 961808385
cache-control
max-age=691200
cf-ray
850cf53f8fc86540-LHR
expires
Mon, 05 Feb 2024 20:18:05 GMT
sbi-scripts.min.js
saopaulosempre.com.br/wp-content/plugins/instagram-feed/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f593a70e96ce43902c23e6b15b42b2b2222f98ffd06a3dbe58be0324270887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269676
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Jul 2022 17:26:18 GMT
server
cloudflare
etag
W/"62d051ba-6b5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ2iGeRM50Nqv3XdKDnR9WxVo5cyojsCoCIlvM%2BOWGE5Ycph3eXwBGDqDqk0M3GloFDh962LLVEolVkM9%2BqOuEBAqIxBzoLK%2BMgd73OJnIo4bdVftxFV0m%2FyGuLGX1sZCyE%2FISzfvLUschlNCmINmv237ZE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
400752645 400589092
content-type
application/javascript
cache-control
max-age=691200
cf-ray
850cf53f8fc96540-LHR
expires
Mon, 05 Feb 2024 20:01:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646966041291721&correlator=714081407294522&eid=31079527&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&iu_parts=21628616545%2Cclube%2Ccabe%C3%A7alho%2Clateral%2Cnative&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=970x250%7C970x90%7C728x90%2C300x600%2C320x50&fluid=0%2C0%2Cheight&ifi=2&didk=1800127656~1800127657~1610636079&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707155031066&lmt=1707155031&adxs=-9%2C1040%2C1040&adys=-9%2C4866%2C4866&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C2&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&vis=1&psz=0x-1%7C300x0%7C300x0&msz=0x-1%7C300x0%7C300x0&fws=2%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=true&dlt=1707155030533&idt=476&adks=2435607431%2C1861708573%2C2027925264&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb5011dd07dbc43af719c8a7defbed66ff84bc35da2107472c3d65968f226d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Tue, 04 Feb 2025 17:43:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=undefined
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6e868b6feca508b90f9e20c35e02b6d2d558c4cd295c70a775c521055d656dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44978
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Feb 2024 17:43:51 GMT
api.gif
tags.denakop.com/ 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155031171&cb=0.8264556530495821
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf540dcb335f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4A44 		603 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9092257803572239&output=html&adk=1812271804&adf=3025194257&lmt=1707155031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707155030885&bpp=3&bdt=352&idt=299&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2725489267939&frm=20&pv=2&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C44798934%2C31080818%2C95322183%2C95324155%2C95324161&oid=2&pvsid=2646966041291721&tmod=359673351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092257803572239&plah=saopaulosempre.com.br&bust=31080818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1936858010&t=pageview&_s=1&dl=https%3A%2F%2Fsaopaulosempre.com.br%2F&ul=en-us&de=UTF-8&dt=Blog%20S%C3%A3o%20Paulo%20Sempre%20%7C%20Daniel%20Perrone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=133221900&gjid=1755851467&cid=1110527849.1707155031&tid=UA-85990139-1&_gid=171818949.1707155031&_r=1&_slc=1&z=1210008393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/6642bb1c-e72d-4075-82b3-ff7e31f73438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7070caab6f4b359b2ae2d656c111af4cae226fd758202665ac3625e528b4fe49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29757
x-xss-protection
0
server
cafe
etag
440 / 19758 / 31080855 / config-hash: 6362903219897359044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:51 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		394 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/6642bb1c-e72d-4075-82b3-ff7e31f73438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463727
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified
Fri, 19 Jan 2024 16:03:08 GMT
server
cloudflare
etag
W/"1da4af0fe48619d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl6v5UVP%2BMblWyahNKpzq9bhQiBhzS%2Fs1MmO6rPo%2Bh4q8U9qz4%2FlNzygjLirHdbtTyv8hzJAvD9QBmTkCMfMSG1ZCZo70nMso1egKZGH%2FCcKXRW%2BLVWhT7v8mhQ7fD37kihgNgP1OqCqDXRdEAhmCuTBe3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
850cf5415ac79bb3-FRA
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsaopaulosempre.com.br%2F&pid=AvYPMpm5Pvm6B&cb=0&ws=1600x1200&v=24.129.1645&t=2000&slots=%5B%7B%22sd%22%3A%22P_SAO_PAULO_SEMPRE_INFEED_01_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22336x280%22%2C%22300x250%22%2C%22750x280%22%5D%2C%22sn%22%3A%22%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_INFEED_01%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%2C%7B%22sd%22%3A%22P_SAO_PAULO_SEMPRE_LATERAL_300X250_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_LATERAL_300X250%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%5D&schain=1.0%2C1!denakop.com%2C0%2C1%2C%2C%2C!google.com%2Cpub-8170966538152543%2C1%2C%2C%2C&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-47-29.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:50 GMT
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
d7QKTfkYYDbYVsHd4w1jdtCobuqEErGlgfdLoLE2EdO9_eRrxxPTQA==
5e13d1e382d895a5a58b40173eb7abfd.js
scripts.cleverwebserver.com/ 		151 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/5e13d1e382d895a5a58b40173eb7abfd.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb0f652552de01ea802382d7b5d145cbee35857ab427607510d3fea83dadbd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
x-amz-version-id
3ieJDcAu2ycy7ph_OgnjD4HNQSGet6cX
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 12 Jan 2024 11:33:19 GMT
server
cloudflare
x-amz-request-id
CR7E4JNYRP5CXGE3
etag
W/"8048a7d62bf90a4877f62a8a7b20084c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
850cf541cedc8ffb-FRA
x-amz-id-2
XA2W07AIjePa7s/eUKiVTsEx0iew/OFXtp+wwQA9maNE22AlU5Wia7pDG3meZECOib/wdGxDw2Y=
expires
Mon, 05 Feb 2024 18:13:51 GMT
1f1fe-1f1ea.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		295 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f1fe-1f1ea.svg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
382249585136c0ff400c2ebca8cac116373cbd34dd863297edf4ce5217fb63dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 05 Feb 2024 17:43:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
295
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f4f8.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		496 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f4f8.svg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
5df9c9de7a24e3fdcd2d08744ba586a66a4b138b63cdef6979dda1852f8e5039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 05 Feb 2024 17:43:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
496
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/login/ Frame 1AD9
Redirect Chain
  • https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=239458762882232&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df64a...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D239458762882232%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D239458762882232%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df64a9666e6042f6e5%2526domain%253Dsaopaulosempre.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsaopaulosempre.com.br%25252Ff699106f328b06665%2526relation%253Dparent.parent%26container_width%3D300%26height%3D287%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdanielperronespfc%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D287
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=3ad273f940cc7f4fdb8d6a2b6d2adce6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
qxP9IH5Z2bOiWOo6caeas4xhBUjXF+ddNGIGOCjRK1ojFq4sLhQ3DQ742XuEEnX39nKxh0dsOuXrbiNPssUBzw==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D239458762882232%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df64a9666e6042f6e5%2526domain%253Dsaopaulosempre.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsaopaulosempre.com.br%25252Ff699106f328b06665%2526relation%253Dparent.parent%26container_width%3D300%26height%3D287%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdanielperronespfc%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D287
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0"
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
lZy2zQM0EelFu5EAaSAjY5bHMO/cfFF3KiEf+k2RhrUJFxZeDVXq7KZN1esFS3sGuwonMuDkeLiPprJTgmqTKw==
x-xss-protection
0
admin-ajax.php
saopaulosempre.com.br/wp-admin/ 		5 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-admin/admin-ajax.php
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://saopaulosempre.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObZ%2BodaRQK0ISQm3Z849CcZob9piyKLuh2jqtSHcXSAWXT9L8kdYxAjia40JMz4MyiHgxTxfCisaifgwMTRRyWesV6KTy7ir%2FqwFJCoMWYhpIYQbij6fCzkaTWupx0hcq2KIx%2B34xeNhSpdkEkAtt0taIVk%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
563512803
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
850cf5420bf56540-LHR
expires
Wed, 11 Jan 1984 05:00:00 GMT
311915558_446279617609181_7881714247083529188_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311915558_446279617609181_7881714247083529188_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912950dc220b19cd42d7a2ef16d0bbffc85f73482b81d809969211da302915c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79773
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
9119
last-modified
Tue, 18 Oct 2022 16:25:58 GMT
server
cloudflare
etag
"634ed396-239f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfAKFPPbw0RzMAToZr3I0dlNQSduUCse%2BfwTJMKjv21ZRzwU5vVji0RQTlpuXV92A3YnIMFLXA9sF%2B37CiMKarg9Z91d%2FMvHLROkIQzznhPGdlRySmMOA%2FdK4goE6%2Fimj%2FKKER0S2tvShJ4m0vzgr5xThL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
539954080 539951913
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5420c0f6540-LHR
expires
Thu, 08 Feb 2024 00:23:48 GMT
311884517_1208618203022661_4819512115389786568_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311884517_1208618203022661_4819512115389786568_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efd013114a5e58d0e95fad934bd7cca80dbdd303149c0454455386f26988c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
10186
last-modified
Tue, 18 Oct 2022 16:25:59 GMT
server
cloudflare
etag
"634ed397-27ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKDlK7Ivn1nJwn8%2FF%2BOJI%2F%2BBudyNTol%2FjkeMkAE7nBhTHpgT8yQLmeQKGKU7ufE%2FLwxzGR2GvgrK3iM1DtqOpiHoCbivJGHCp0lJFu%2Fw%2FHm54vBazqsoEqzNgf9cVV8L3A%2FvUEdj9qLR5pmXgBGTijUSBUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
303792137 302973475
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5420c116540-LHR
expires
Tue, 06 Feb 2024 03:40:28 GMT
311708968_424950872935237_5316239432874176297_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311708968_424950872935237_5316239432874176297_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65bd6996a2fe6c5c5622a03910a55eef275655c140eb64a363dcc14e9e17cee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
8530
last-modified
Tue, 18 Oct 2022 16:26:00 GMT
server
cloudflare
etag
"634ed398-2152"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqnG00BDcP1U5B6J0VEsa5ukL95yZ6UO1E2dBdo3qUHcxs1EG0K6jlspBec5K%2Fooh9KB6D341bvFgFkjKkmPXhBWQWtnMnBidjcajyxZDPKPIYjM%2FA3Dw%2Brw%2FWLcGe%2BgMgNT%2BCs5CzeU8orZC%2BsPDKosZCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
303661076 303136771
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c176540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311688584_500548441721952_7695111937938367705_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311688584_500548441721952_7695111937938367705_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcb9c977cb01337a4497c07e262fe3a7472231c89efcaa33ca574ec730aacaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
9064
last-modified
Tue, 18 Oct 2022 16:26:01 GMT
server
cloudflare
etag
"634ed399-2368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72s2o1XXc3Y%2BoJs4ens8PqUeUveN%2Be3cStJzLbSVykj5i4Z24dOWNnQmbvYWAowrLWeZyNQExEg49BPvcpZSMwtWgxUzriLw1tEBEV5ZtTr64c8Fi%2BslTezB%2FwWsaPDCV8DklzPID4eEa2pvex%2BFy4OSrsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
488308843 486834387
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c196540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311773240_126134473386370_2340269789943249262_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311773240_126134473386370_2340269789943249262_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89ffd6676920aa558288bc5dca459b8443272d5ac5c50d79936706d6fce39898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
9666
last-modified
Tue, 18 Oct 2022 16:26:02 GMT
server
cloudflare
etag
"634ed39a-25c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bualyson96EjsZsQ4FoqTKgMZlEhXAe8WmGLLxytmx4wgdy%2FVdB4hF%2FlNSZJ2tcR9CgiOVwwujKrSySSOO18SbBarmMjO1rdF7s%2Bc9xjJQk9N8hbj750If3sbGFnGct112ytC9%2BYAhEr6BJPUNXFSPmZ07A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
930415167 928777069
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c1c6540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311766837_611771587208107_5491490309494813053_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311766837_611771587208107_5491490309494813053_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708255048b961f446fa123b42a28f9cba237d3f71dad39f718e8f1676db23f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
8948
last-modified
Tue, 18 Oct 2022 16:26:03 GMT
server
cloudflare
etag
"634ed39b-22f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSumju4lXU5UCtV1gsWQcpegoXs3uHGscJzi8RwShhaa93f7PFLtELDDixb6HUaTl%2BP0k3GtOskQ0NaAk6cNYiZtkUbclpQM69EP8Lm5kqpj5D0d4vge7i0jzDUqQqtSduASF3FksjONdCEI8DFhqRSfAjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
303529990 302711088
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c1e6540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311706620_439692021637404_186242381401399109_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311706620_439692021637404_186242381401399109_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d63f0425aaa386dd654c12a24af4bc9ad53152c31f032ace7d80c9c7150b041d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
10282
last-modified
Tue, 18 Oct 2022 16:26:05 GMT
server
cloudflare
etag
"634ed39d-282a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oyFgox1sUNAvr6X7DUO2ZbJqRLS1e9%2B%2F59KnPCFY%2Ffw1BsHk8k%2FMzvmMpg6CiaFlGzmiGpRwWLRrMh%2F7oFhuJRN6xV5DgaM9bFA3TNcjzkDhlascIQM%2FQe4LNmnrz9UN6ZokTqd1MZcqjjjqPCofRF%2BgOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
493256706 493060248
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c1f6540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311845686_519555680013593_6632707067157464245_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311845686_519555680013593_6632707067157464245_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5b6250b8846bd6d48d78ac949b71e27f7737d92f7973cbe12b9ab0e613966e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
7767
last-modified
Tue, 18 Oct 2022 16:26:06 GMT
server
cloudflare
etag
"634ed39e-1e57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03gdVpTvh7rtoE%2FbRFzBc5ZQeKZvEnCkR%2BWUeZt%2B9U29njKq2DwoTlg54rkcbnpiB%2BwMDeWkbiD2ZRjXEd0kN%2BElOD5nwkLlGgFWyQJAtU4eYxsb8IuTlihHY1eKBCVX6WuZ%2FgEyPIaBIr9K%2FHJrM%2Bjf9bQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
384270435 383549597
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c236540-LHR
expires
Tue, 06 Feb 2024 04:50:31 GMT
311594036_694896891512654_6384596041446254674_nthumb.jpg
saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saopaulosempre.com.br/wp-content/uploads/sb-instagram-feed-images/311594036_694896891512654_6384596041446254674_nthumb.jpg
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1960ae9b306b9793a2e2cba8e6687d159ea33be375cf45b9cdbfb9649b620705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240594
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
8603
last-modified
Tue, 18 Oct 2022 16:26:07 GMT
server
cloudflare
etag
"634ed39f-219b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw35h%2FPYHymTk%2FaNVuQYRTXHPBstzludPxTq4DKu9b%2FMvnl6vqEa3qh5x%2FhgNYbzF4ZWWPvhYKivOoUi%2BgU1IvUTT6qXoUJmK%2BZrIm6uBj5L%2FNp4LmSuWpR4GnrE9MGGd5sC7xPXDzjn%2F9a1y58uO98K%2Byo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
384598133 383221920
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
850cf5421c246540-LHR
expires
Tue, 06 Feb 2024 04:58:19 GMT
t3m.js
tags.t.tailtarget.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:36:25 GMT
content-encoding
gzip
via
1.1 google
age
446
x-guploader-uploadid
ABPtcPqL78JJiJ10XBl5wEhBiL_1bve6wBJDrUi8tDkE0fvfzuz6DjQU5LG6k3ULLYZURUu4HXU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6184
last-modified
Thu, 19 Dec 2019 17:12:55 GMT
server
nginx/1.8.1
etag
"0aa924c986b60c68345be2b644a237df"
vary
Accept-Encoding
x-goog-generation
1576775575233105
x-goog-hash
md5=CqkkyYa2DGg0W+K2RKI33w==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6184
accept-ranges
bytes
expires
Mon, 05 Feb 2024 19:36:25 GMT
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
850cf5428b2f03a0-FRA
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
fastlane.json
fastlane.rubiconproject.com/a/api/ 		524 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=313602&zone_id=1597486&size_id=15&alt_size_ids=2%2C16%3B15&rp_schain=1.0,1!premiumads.com.br,6a91095b-cdcb-4cb3-bb10-cfd9a8aeda0e,1,,,&rf=https%3A%2F%2Fsaopaulosempre.com.br%2F&kw=SPFC%2CS%C3%A3oPaulo%2CDanielPerrone%2CGloboesporte.com%2CGloboEsporte&tg_i.domain=saopaulosempre.com.br&tg_i.page=https%3A%2F%2Fsaopaulosempre.com.br%2F&tg_i.pbadslot=%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_INFEED_01%23P_SAO_PAULO_SEMPRE_INFEED_01_0%3B%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_LATERAL_300X250%23P_SAO_PAULO_SEMPRE_LATERAL_300X250_0&tk_flint=pbjs_lite_v7.54.5&x_source.tid=6a71b9e4-1908-4c8f-9b81-a1211fa466e8%3Bd8f14cb8-0ba7-4bf9-9330-83d574bb9208&l_pb_bid_id=2d9b394ec60b6a%3B378c90c3f48928&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6a71b9e4-1908-4c8f-9b81-a1211fa466e8%3Bd8f14cb8-0ba7-4bf9-9330-83d574bb9208&rp_hard_floor=0.0305&rp_maxbids=1&p_gpid=%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_INFEED_01%23P_SAO_PAULO_SEMPRE_INFEED_01_0%3B%2F75894840%2C401774271%2FSAO_PAULO_SEMPRE_LATERAL_300X250%23P_SAO_PAULO_SEMPRE_LATERAL_300X250_0&slots=2&rand=0.17864372224843472
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b4455c7e4210d04524b7c05dae4abd1dfb207d64fb806d5d30183312afa6c50f

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		254 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
613985fc1a485a6edc400f1ce06f71d83fecc01968c600cdd29af222c42eefe8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
an-x-request-uuid
4533fea7-906b-4949-bcef-e7ab4236d5d9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
254
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=43970355285&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://saopaulosempre.com.br
date
Mon, 05 Feb 2024 17:43:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
1005 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f3fae687b8a9efd72c3b11debad140434210a5b0d72a67d2a156be17421d52e0

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 05 Feb 2024 17:43:51 GMT
3946127
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946127?imp-id=1&target-ref=saopaulosempre.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
last-modified
Mon, 05 Feb 2024 17:43:51 GMT
x-yandex-req-id
1707155031584340-1428423024566916189800275-production-app-host-sas-pcode-533
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://saopaulosempre.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 05 Feb 2024 17:43:51 GMT
3946127
bs.yandex.ru/prebid/ 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946127?imp-id=1&target-ref=saopaulosempre.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
last-modified
Mon, 05 Feb 2024 17:43:51 GMT
x-yandex-req-id
1707155031582027-183347988783114273300275-production-app-host-vla-pcode-287
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://saopaulosempre.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 05 Feb 2024 17:43:51 GMT
v1
prg.smartadserver.com/prebid/ 		186 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		186 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fsaopaulosempre.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.86.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-86-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://saopaulosempre.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
ui.cleverwebserver.com/ 		171 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165eaaca90e61c37951fd04357d598a2dbf7c0892f8d8e019efada48932c20e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
850cf542d8718ffb-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=32455&c=DE&r=&l=57&b=Chrome&os=Win10&mob=0&v=1.61.7&ref=aHR0cHM6Ly9zYW9wYXVsb3NlbXByZS5jb20uYnIv&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
850cf54328e88ffb-FRA
content-length
43
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03a9d32d03cb319d3c3bb388a64801d1c9e99ed878f87386f26ffbab5f18b78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12294
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 00:11:28 GMT
content-encoding
gzip
age
63143
x-guploader-uploadid
ABPtcPquKxbE3TpAgZtQup7xJyV8scl6n7p1mZI5wB-vseiotpIjeIZ7vtbyQRp9mC1B84FE5dQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Tue, 06 Feb 2024 00:11:28 GMT
video-js.min.css
tags.denakop.com/assets/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/css/video-js.min.css
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3035f4da137318c8ab24443847c53184aa239f7ae069dc2659eb9aaf8e4a4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Feb 2022 13:39:42 GMT
server
cloudflare
etag
W/"620e501e-7587"
vary
Accept-Encoding
content-type
text/css
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5438ff335f4-FRA
alt-svc
h3=":443"; ma=86400
videojs.ima.css
tags.denakop.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/css/videojs.ima.css
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac5a1e6c2c1fde505d9378a2bec86ae156da7dc888e199b380c8203f010e8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 30 Nov 2022 19:08:03 GMT
server
cloudflare
cf-polished
origSize=4176
etag
W/"6387aa13-1050"
vary
Accept-Encoding
content-type
text/css
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5438ff835f4-FRA
alt-svc
h3=":443"; ma=86400
videojs.ads.css
tags.denakop.com/assets/css/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/css/videojs.ads.css
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
542007f1393d22bb236f7092a3098723c68ce5fa756e18f40b8b9a8af8669426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 11 Feb 2022 17:05:10 GMT
server
cloudflare
age
1400
cf-polished
origSize=1071
etag
W/"62069746-42f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5438ffb35f4-FRA
alt-svc
h3=":443"; ma=86400
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17a039087b7ffee500196f00b651585da8e6f5e1094eb91200cbbe278042a88d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132591
x-xss-protection
0
expires
Mon, 05 Feb 2024 17:43:51 GMT
video.min.js
tags.denakop.com/assets/js/ 		569 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/js/video.min.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d29a4da589df44d74041478486a73e8875b37c1a460616e1017e07f76d209e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Feb 2022 17:05:14 GMT
server
cloudflare
etag
W/"6206974a-8e318"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5438ffd35f4-FRA
alt-svc
h3=":443"; ma=86400
videojs.ima.js
tags.denakop.com/assets/js/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/js/videojs.ima.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074fbc5276a1cd4fc4594fd67e3f1a7ca65760f03d40426e18db2cbd96907cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:56:31 GMT
server
cloudflare
cf-polished
origSize=36923
etag
W/"629f914f-903b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5438fff35f4-FRA
alt-svc
h3=":443"; ma=86400
videojs.ads.min.js
tags.denakop.com/assets/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/js/videojs.ads.min.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10274/saopaulosempre.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b080077be67f44a0c4cf754a402ddaced203190343eaa31bb79690f5c128d9e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Feb 2022 17:05:13 GMT
server
cloudflare
etag
W/"62069749-6e4e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf543880035f4-FRA
alt-svc
h3=":443"; ma=86400
btn_close.svg
tags.denakop.com/assets/ 		2 KB
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/assets/btn_close.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9798fc4c7ff476555c03664d50915973981718170a86a95ab1fbc2c9faf3255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 15:50:23 GMT
server
cloudflare
age
2987
etag
W/"63862a3f-697"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf543880235f4-FRA
alt-svc
h3=":443"; ma=86400
black.mp4
tags.denakop.com/assets/ 		1 KB
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/assets/black.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c627153c9cb78d7447539e7d75ed6e85225424e5d0a60959a51d49f2d0f20f1b

Request headers

Referer
https://saopaulosempre.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 15:50:48 GMT
server
cloudflare
age
8809
etag
"62c30c58-4c4"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-1219/1220
cache-control
public, must-revalidate, max-age=604800
cf-ray
850cf543880535f4-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
1220
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 23:42:55 GMT
content-encoding
gzip
age
64856
x-guploader-uploadid
ABPtcPpt6FkW6ksfAZlF-hQyGxJW8kLPBQ4lp0TMSgxV0rdwc67Na7Ew1__JYBU627iTlaM140Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Mon, 05 Feb 2024 23:42:55 GMT
u
b.t.tailtarget.com/ 		76 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
6886c310cba858be5c927e27b178b7aea67b77e5912b0e32b3859f6baabbc08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Feb 2024 17:43:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		206 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646966041291721&correlator=714081407294522&eid=31079527&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&iu_parts=75894840%3A401774271%2CSAO_PAULO_SEMPRE_INFEED_01%2CSAO_PAULO_SEMPRE_LATERAL_300X250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C336x280%7C300x250%7C750x280%2C300x250%7C300x250&ifi=5&didk=3790935640~1387691140&sfv=1-0-40&fsbs=1%2C1&sc=1&cookie=ID%3D5a28b6c48c3867bb%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZqdi1sYpK8nd2LcWQ5VRVuMLxCbQ&gpic=UID%3D00000d50cc3528d9%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZfJfcqEgWifTojETI9pqjhFCgHYw&abxe=1&dt=1707155031808&lmt=1707155031&adxs=241%2C1040&adys=1987%2C2307&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3%7C4&ucis=4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&vis=1&psz=750x280%7C300x250&msz=750x280%7C300x250&fws=0%2C0&ohw=0%2C0&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=true&dlt=1707155030533&idt=476&prev_scp=data_type%3Dinfeed%26pp_loop%3D00%26pp_pb%3D0.15%26amznbid%3D2%26amznp%3D2%7Cpp_loop%3D00%26pp_pb%3D0.15%26amznbid%3D2%26amznp%3D2&cust_params=url%3Dsaopaulosempre.com.br%26categoria%3Dhome&adks=1356657906%2C2486603915&frm=20&eo_id_str=ID%3D2b10264767b30130%3AT%3D1707155031%3ART%3D1707155031%3AS%3DAA-Afja2lfyo04KBi_8ypjTzdEOL
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83f9904c44d1e75529c1f842664672d861c3b9db0a9b97b2097053c4278f4d4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38572
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72CC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 14:14:21 GMT
expires
Tue, 04 Feb 2025 14:14:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B2E6 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
daed79a07df2a02cbbd450e3027e55f605638911922c030be598acf47c97aa36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hwv4vwvfU7Fdrg2WMKO0EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Hwv4vwvfU7Fdrg2WMKO0EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Mon, 05 Feb 2024 17:43:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 72CC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 14:14:22 GMT
b
b.t.tailtarget.com/ 		158 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=4&tU=0100007F571EC165C706440B027F2003&tX=b.52&tZ=97838173&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
1a068ff816e69e35dd019b25acb94cf39e238e2fc4182d9173d284f7415f5870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame B2E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290101&jk=2646966041291721&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
/
prebid.smilewanted.com/ 		0
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
850cf545efa62c1c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
850cf545efa42c1c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
850cf545efa22c1c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hb
cpm.denakop.com/ 		0
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://saopaulosempre.com.br
Date
Mon, 05 Feb 2024 17:43:52 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://saopaulosempre.com.br
Date
Mon, 05 Feb 2024 17:43:52 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166171&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://saopaulosempre.com.br
Date
Mon, 05 Feb 2024 17:43:52 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
v1
prg.smartadserver.com/prebid/ 		0
0
v1
prg.smartadserver.com/prebid/ 		186 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		366 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
180935caca3697a255e4d1b697b7ae199598c900bed61c64e45dbffb81a1634c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
an-x-request-uuid
33c85ea8-ec82-487e-84f8-1a29b7a6a57f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
366
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://saopaulosempre.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=9&alt_size_ids=8&rp_schain=1.0,1!denakop.com,10274,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fsaopaulosempre.com.br%2F&kw=SPFC%2CS%C3%A3oPaulo%2CDanielPerrone%2CGloboesporte.com%2CGloboEsporte&tg_i.domain=saopaulosempre.com.br&tg_i.page=https%3A%2F%2Fsaopaulosempre.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=218e969d3bcd5ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5601440683799976
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
302c7521d56f1c685379e3e0b8c02ca22ac97e4821a7a6c875c64cdcb56f87a6

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		335 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10274,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fsaopaulosempre.com.br%2F&kw=SPFC%2CS%C3%A3oPaulo%2CDanielPerrone%2CGloboesporte.com%2CGloboEsporte&tg_i.domain=saopaulosempre.com.br&tg_i.page=https%3A%2F%2Fsaopaulosempre.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=220ac5b3635a676&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.650558389087246
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7fcb66dc65cd6a8d7f3e33c88a0f2f35f4bbabc80e72cef4ca03125dec52379b

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
335
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://saopaulosempre.com.br
date
Mon, 05 Feb 2024 17:43:52 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		50 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:51 GMT
an-x-request-uuid
a692684b-241c-42ec-9e74-4a8f53f5f90e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsaopaulosempre.com.br%2F&pid=AvYPMpm5Pvm6B&cb=1&ws=1600x1200&v=24.129.1645&t=2000&slots=%5B%7B%22sd%22%3A%22denakop-auto-side-38692206-a143-42f7-b4f7-d134c4807367%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22120x450%22%5D%2C%22sn%22%3A%22%2F21715141650%2C401774271%2Fdesktop_side%22%7D%2C%7B%22sd%22%3A%22denakop-auto-under-07326d49-d83d-469f-9f63-695224a5a307%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21715141650%2C401774271%2Fdesktop_under%22%7D%2C%7B%22sd%22%3A%22denakop-auto-slider-a93c9c8e-440b-493c-a497-4e12d9be2824%22%2C%22s%22%3A%5B%22400x235%22%5D%2C%22sn%22%3A%22%2F21715141650%2C401774271%2Fdesktop_slider%22%7D%5D&schain=1.0%2C1!denakop.com%2C0%2C1%2C%2C%2C!google.com%2Cpub-8170966538152543%2C1%2C%2C%2C&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-47-29.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
WLEUeZI3B-mTI8_rd9gDnezOZGrY6I9OBTSNqDkZPFuDqxyIX3qEXw==
generate_204
tpc.googlesyndication.com/ Frame 72CC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YIFbqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ca
tt-11382-4.seg.t.tailtarget.com/ 		83 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=671662663&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
5421e7d08f5fb2ce2e36031d562b26768817268964720146dfbf001a0fb4e1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
admin-ajax.php
saopaulosempre.com.br/wp-admin/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://saopaulosempre.com.br/wp-admin/admin-ajax.php
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:50a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc2da579f7ffdc6a69bbbef79a483eb1be63d4b75cecb4c0a5fc58204e98d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://saopaulosempre.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 05 Feb 2024 17:43:53 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ32mNjnAjnDwohRj41mAvUErViKIFJombJPtvnQRcECPiceru5RQwbqxxQ2CdbASgWpzsHb%2FQg%2BJGN3wdjrs%2FLvuERLoplomUiPqA%2FflwaBc8P%2BvhAbLuqcN4SdFSKyLlejqtJNrbAVyCn%2FVgQVoUz0zYg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
563512805
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
850cf547f8046540-LHR
expires
Wed, 11 Jan 1984 05:00:00 GMT
container.html
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF49 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Tue, 04 Feb 2025 17:43:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A714 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Tue, 04 Feb 2025 17:43:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
__tt.gif
t.tailtarget.com/ 		43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1707155031950_2997014918&tJ=&tU=0100007F571EC165C706440B027F2003&tX=b.52&tY=1&tZ=351835348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame DF49 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64dbf00da9e02b508be7975901db246dcd46cdd33f7323626cd67767202dd815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
77576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14438
x-xss-protection
0
server
cafe
etag
9073017962350913355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:10:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DF49 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
514128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DF49 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame DF49 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 14:14:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame DF49 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:28:58 GMT
l
www.google.com/ads/measurement/ Frame DF49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQU4Oa8V_BsxDWgJ7rU2U2_L58OeO0Y9r9r3QPMw8YXo9NRtp-wj7EN0cxpyHKNX1aRRXlqY5O8dRvvEO9DO9O8_oe4Sw
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A714 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64dbf00da9e02b508be7975901db246dcd46cdd33f7323626cd67767202dd815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
77576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14438
x-xss-protection
0
server
cafe
etag
9073017962350913355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:10:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A714 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
514128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A714 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A714 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 14:14:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A714 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:28:58 GMT
l
www.google.com/ads/measurement/ Frame A714 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSovhn2z5mkoaFj4KlBbPfEFMdFtg6UESBsnDhpdClzCSp19fx6sGVy3doyqRmIhyyixiP5YCRldUK4YBe-5Qi_HKZ77g
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
assets.ad4m.at/ Frame DF49 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
514252
cf-polished
qual=85, origFmt=jpeg, origSize=43355
alt-svc
h3=":443"; ma=86400
content-length
17570
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 14:49:19 GMT
server
cloudflare
etag
"334f1aa9ac5fa118f5f73b8b42074dca"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=invi3kTsDyM0%2F30Hs4UD6r3Ss3hP702%2BAzcHKBYvaJCaUNZraEj6ixP0KUJ5FqYBE29ZydUpL%2FL41rOhbd6q%2FZZixFMz3yCOEsLvWGsCtSC3yjN2egaTXTKdCiDrftTh6f68fZ0UpUWBSgr7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
850cf5495d7f1e5a-FRA
40933678460698624
tpc.googlesyndication.com/simgad/ Frame DF49 		1 KB
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 19:12:23 GMT
date
Tue, 30 Jan 2024 19:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
assets.ad4m.at/ Frame A714 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
514252
cf-polished
qual=85, origFmt=jpeg, origSize=43355
alt-svc
h3=":443"; ma=86400
content-length
17570
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 14:49:19 GMT
server
cloudflare
etag
"334f1aa9ac5fa118f5f73b8b42074dca"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCisjkuIauuGiZ2Pb7GH%2FiLx4AYC1b4U9cvUGsqRYgYH9bfBS1hQPs0FwyWxDkZ5LWfOCZDBZDu6H4XjFw04gXAROfVNoiYgwk1uc5A7LeIz8isvum%2FFeITwCqPjfdgkV3JVQThG%2BQd244xE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
850cf5495d821e5a-FRA
40933678460698624
tpc.googlesyndication.com/simgad/ Frame A714 		1 KB
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 19:12:23 GMT
date
Tue, 30 Jan 2024 19:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290101&jk=2646966041291721&bg=!uLulu_TNAAa8BdJLnAU7ADQBe5WfOPrfhTgRvMKMCsK9XTvnMIJmONuRbjk72e9hxUN6nrqDQM1oxQRn24u0IunOBhSUAgAAAKZSAAAAAmgBBwoAnBlAOVqaCkFSDQZW3MXU2-Vg8id09Se2Kc6quDG52ltVIhy7iwaQ2T_QOM562nSM6lzE480Fk-Qav_jCxZrCO7WSyesgNp57lIsySLUfAkT601vB6cc-lYZivJ_pwfOZlR-xU8ZSoTIoXPMN96hIyVoskzk3_naHsIxkE1hCmyKqhmy6tkTG0O1Bw8DMIrAo9MT6AQ283sQOpyZsg5kC19U7WWY1fX20hFbx_P83huNel21DhhNFl3PpbU7_aCKaVXps7jAM5E3xO2Z_6j-soAB1wyY-4k1dA5exNp1jP9Fi6-YHRtp2XiOVhSsJxtb9yoH1Oop4IRBD1D5w-1LiDasXETRlPhEnLYUCQqNZwboCxZ9Wu5EBk9vfooIhxDTKXLC9NACNttGT5XFhC7zeoyNQvBNGAdlZLcRq5mcGf6iZzs-5XhD92n4qnhglX2S31p_WZKEPbGiIcAZo6jLFRlV7jTJQeP-ZW5qwWARCVDD7CnwxUEG0ynssAExSUK_pf5F7mCmwAWqaXpbcWuhRk58i-ok-WwU-VSn5bb3DkTDapWFvsSwIQI6FE8ERrtiq7qLFjKkrBp4VadJtNyD6jTVAM6FaZF5pLIL1BO_YSlSC_TQ2cSdPghBIsalM04aV7_l4T4xhX4Vby2e28Dxn5732Rs6j0BOGI8hRN2ck-nUhlbEztOZXojgXlJ8czG_bIVj18srwOYO-nT9xf5b1N7-yjYCrOr08Jj8REktKIX5BTKWjmlTn7ljnatlMqaKk5mynB4tDQpBb5cxA2a2t_0n2B_g8nM6120F7zrin3JgOD6sYuYYLreJR8mSNesEwFLtsNvjDNScyuqgNDd0QQ0yetXLU3zI7JnjDKpgkiNTv33b8NemCX3SoV9biFMSWn7fCIEltrbS5lp1CoPk6WcxGw7BB3wL4ZScaBADxv8SvIZwQjBN1rzx-TAoMh9OPoCdMH1Buhzk661Ibkf84iQ3E9PfksuR4GcHzaAfeND1dgLJyFAnnwDqgcFRbeVNcCaVNQKMYjVPEK_pL2HMIc4WToNdtQbZDEmJH11E7sY8EWgm2w-lJa4YUech8OCP2k7QWg09np3LcYk95ubYsPkdwP_ANhu2NpQ0MqhuRmAG3eFTrU-K3S5rvWl39NUBmBN1PuUFKrNNoMFyo2_4V2BwEXnWNtFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame A81B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:30:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C8DD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:10:44 GMT
etag
48472445140208031
expires
Tue, 06 Feb 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A714 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ffdfd5c9b476e641093e98bb44afb2bdba168893f561ed1fdb7d740adc7c602

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame A714 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdzmiVx7BZd_8OfOZjuwPrJOf4AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQJ81Vyql_-xPuACAKgDAcgDAqoEtAJP0Pzx47U_qpWVL5B1oWZwFMrELYQcQW6y04QwwyVZ5K7YsrYqp1ikJ_eXUssmheDTTD_UNnoPRG8I-g9hBNPM52yZ6u7M5wp9pDC8cOFa81h01TMj2dBYE4wBU4hu9U_wMo3KkoNqvzhOf7s1R_CYug7VsEXcDPr9ddx3s8zUCR1xM8KQi6P5-loxjNfSECjK7fQU8S_N__VKYvp-EDdbXIC4myCLXxVn7lxwoOz-8YzM-vh5VRVRjZSaglQP9ZpRkgWw4sI-Rwo8TdVyoPPXAGlCTAvS_K1aQgRwpoHSGP-s7AQoxcSK0K04muHM6W9z2zzzQ_klBdr-b3IyUKtIviQZgSCnyVceMuLzmXPHIhXYaG36Ll36Xa-opRL22YGa1ijrJTVcr93M3EOhY6JvNqqgJOAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCMIgOGAEBABMgKqAjoIgECAgISAgARIvf3BOljBvv6J4JSEA_IIG2FkeC1zdWJzeW4tNjc1OTc0NzQxNDA0OTA5NYAKA_oLAggBgAwB4g0TCJab_4nglIQDFfOMgwcdrMkHHNAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=A4irxivBXAY&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_rGr4yRYxRqQAoRWzL0W_E7UF6eWdjk5_jJM20xq4z8pDWZlcFh4ht9hPl_7rjERYRACKESiDGAE&cbvp=2&vis=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame A714 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h97kc1y2z7aj9w47a0acerxhk09n3db5bp8tkjhjdkqfnd5fk6tqst03ys78veh884m8wxp6723s6hvwtraaqs2r114qy8shcsgxyzpk9mznq4eg2bvgj405e7qr4db12fyr60j0nr29f5k45jkamwp1f78r85sevqk17wkk8bpkm3cmwd0ta2sdrqx14e9va9paqvrt6rye8ngbsbhagczc48jasj9nppnqbx6z1r17fc4sy6xgj396vzmhn3jzzw941tkj9gj3pgnpwpd4a904382a0k5dqyz6wbbbjda7r0dhdwr1nt6t7357ay07c336kwx0067yzyx5qb3bat7za56qfkrsgv2ymwhwnwp42g7vsvj85g817pxjxcbczf1he0z&b=ZcEeVwAOfl8Hg4zzAAfJrHTN9I5FMMJDzqcjMg&cbvp=2
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Feb 2024 17:43:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dai
as.ad4m.at/ad/ Frame A714 		0
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://as.ad4m.at/ad/dai?ed=1hafdm8d5nstyt52ymq1fmq3q37vr4fxegh70qyanxzkcntb3kv5n1yahtyxtn7vagsd6rxjj7aa489hvd4ytg4cyv7pvxn5733ag3y3s9w3h7zbbsykg65z8habhyfb44b1a1hvw6f3qtrmwja0fg5mvhpq189faca2bxfdvv7k1n3ege4m7qzpk4fxx317nj6tey3b7phjm78zkpx9jmxsj1wjbn28nfqey4p14pt00t08wfb0vm38yrkbmmvb35z9a&cbvp=2
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via
1.1 google
cross-origin-embedder-policy
unsafe-none
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
850cf54a9d87917d-FRA
expires
0
/
partner.blau.de/a/ Frame A714
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONS...
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681921X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtet...
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681921X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:52 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681921X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
date
Mon, 05 Feb 2024 17:43:52 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
adview
securepubads.g.doubleclick.net/pagead/ Frame A714 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC_s4Vx7BZd_8OfOZjuwPrJOf4AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQJ81Vyql_-xPuACAKgDAaoEtAJP0Pzx47U_qpWVL5B1oWZwFMrELYQcQW6y04QwwyVZ5K7YsrYqp1ikJ_eXUssmheDTTD_UNnoPRG8I-g9hBNPM52yZ6u7M5wp9pDC8cOFa81h01TMj2dBYE4wBU4hu9U_wMo3KkoNqvzhOf7s1R_CYug7VsEXcDPr9ddx3s8zUCR1xM8KQi6P5-loxjNfSECjK7fQU8S_N__VKYvp-EDdbXIC4myCLXxVn7lxwoOz-8YzM-vh5VRVRjZSaglQP9ZpRkgWw4sI-Rwo8TdVyoPPXAGlCTAvS_K1aQgRwpoHSGP-s7AQoxcSK0K04muHM6W9z2zzzQ_klBdr-b3IyUKtIviQZgSCnyVceMuLzmXPHIhXYaG36Ll36Xa-opRL22YGa1ijrJTVcr93M3EOhY6JvNqqgJOAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCMIgOGAEBABMgKqAjoIgECAgISAgARIvf3BOljBvv6J4JSEA_IIG2FkeC1zdWJzeW4tNjc1OTc0NzQxNDA0OTA5NYAKA_oLAggBgAwB4g0TCJab_4nglIQDFfOMgwcdrMkHHNAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=DlW5nlUoURA&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_rGr4yRYxRqQAoRWzL0W_E7UF6eWdjk5_jJM20xq4z8pDWZlcFh4ht9hPl_7rjERYRACKESiDGAE&vt=10&cbvp=2&vis=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5378 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:30:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6673 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:10:44 GMT
etag
48472445140208031
expires
Tue, 06 Feb 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DF49 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04205a936490981e508abe3d89d2f6231c9ae39e969fe46322f0826d7fb59aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
/
partner.blau.de/a/ Frame DF49
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONS...
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681919X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtet...
49 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681919X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:52 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2024020518435292974681919X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
date
Mon, 05 Feb 2024 17:43:52 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
adview
securepubads.g.doubleclick.net/pagead/ Frame DF49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgENWVx7BZeD8OfOZjuwPrJOf4AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQJ81Vyql_-xPuACAKgDAcgDAqoEvQJP0DSMWzxrxytRm4tkxhxQyXM7WpHdYfBwfF06r2RfzHFuLqV9jgCFJY9IgCnONYtDrVdygmojUmGxvpd9Xs6PbsZDzBFO2q6o50p7wqvxn_9la_TGC7eoowi4IPYms8lX2XqmUr-x2nnjQDuPVYsJ81blSV5B8Xalng-gBxeru6SGAlVVAMX7Hmvqrb8JFx0u64i1F583PNbpYwtu2d598gVsfr_nr4CJRLpBYkx1LhQUhWRLFK_s3OfRyh3UVoHBqrHpaoTDMxhzbCy7NWpDnwUdn8SlkCLbrjJoZfkr1T0_4EFk8c9MnWkXFUjyUPtJjlJNwgkcjCDicmOtevaTqq00QIYpu5RN7rSQNgQtbkoz__zaPpgfiK5sWiDgvtiRsEdIIDVdhBZRIWaAQhEf72aGrJjsLkkr_5Z48eAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCMIgOGAEBABMgKqAjoIgECAgISAgARIvf3BOljBvv6J4JSEA_IIG2FkeC1zdWJzeW4tNjc1OTc0NzQxNDA0OTA5NYAKA_oLAggBgAwB4g0TCJeb_4nglIQDFfOMgwcdrMkHHNAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=yy6ipm9ov0o&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_rGr4yRYxRqQAoRWzL0W_E7UF6eWdjk5_jJM20xq4z8pDWZlcFh4ht9hPl_7rjERYRACKESiDGAE&cbvp=2&vis=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame DF49 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gbtvec62bfrw2k5hn3xffrhdsjqxg3nc234v53wwz2ree1e6453ng78b195nqzehzt58q63rt78h3yb0cyx5ezxn6hdk3cve8zet9qad2xkjfqpatw608z3sn0bdr82jcmwjzpje6bq32zgj53g62qa380b567zz2rf4mcxm7r452f2mzy7t8gneew76zq7ragsge2tpr53gc1zd8mdbh23f0ey4dxwybcgkbw3zm8e6ktjcnwjyxmyfeeb5289nh9ceh4fk02vsn894995ynkp4t4m8t4wrj3477aj2ct4mbcjv4ccv3e96zf5gm2t3yf8h554ar3tjnvem5gtz2fsac2jgvkv08v50psg390ra10f6np4s287psja9k5kqszg9307&b=ZcEeVwAOfmAHg4zzAAfJrGOh42Hj2XN7JqyKKw&cbvp=2
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Feb 2024 17:43:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dai
as.ad4m.at/ad/ Frame DF49 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://as.ad4m.at/ad/dai?ed=1j3xn8ewxp7t7ty5sjt88svnvz0svs2m9j7cv05mnfzqwvjhv32zvnbwb8rq3trfzw6zgkrzb2shmfqphhgjke5rmwetz97c6s0f6ptc2xg87v8ewkvphrrwakn8fy2zftw97acww5t7jky5vs8arysws3xyzqyxpzyz3k1caskehqdw5w0frfr9cftge7zq5z1x2ykrrxq1n5rzd0ta0kahth0cdsv630b6b8316mnj6jg0phawdesfy0afw67468fe8&cbvp=2
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via
1.1 google
cross-origin-embedder-policy
unsafe-none
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
850cf54abda4917d-FRA
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame DF49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwG80Vx7BZeD8OfOZjuwPrJOf4AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQJ81Vyql_-xPuACAKgDAaoEvQJP0DSMWzxrxytRm4tkxhxQyXM7WpHdYfBwfF06r2RfzHFuLqV9jgCFJY9IgCnONYtDrVdygmojUmGxvpd9Xs6PbsZDzBFO2q6o50p7wqvxn_9la_TGC7eoowi4IPYms8lX2XqmUr-x2nnjQDuPVYsJ81blSV5B8Xalng-gBxeru6SGAlVVAMX7Hmvqrb8JFx0u64i1F583PNbpYwtu2d598gVsfr_nr4CJRLpBYkx1LhQUhWRLFK_s3OfRyh3UVoHBqrHpaoTDMxhzbCy7NWpDnwUdn8SlkCLbrjJoZfkr1T0_4EFk8c9MnWkXFUjyUPtJjlJNwgkcjCDicmOtevaTqq00QIYpu5RN7rSQNgQtbkoz__zaPpgfiK5sWiDgvtiRsEdIIDVdhBZRIWaAQhEf72aGrJjsLkkr_5Z48eAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCMIgOGAEBABMgKqAjoIgECAgISAgARIvf3BOljBvv6J4JSEA_IIG2FkeC1zdWJzeW4tNjc1OTc0NzQxNDA0OTA5NYAKA_oLAggBgAwB4g0TCJeb_4nglIQDFfOMgwcdrMkHHNAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=0j6JmXjGtg8&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_rGr4yRYxRqQAoRWzL0W_E7UF6eWdjk5_jJM20xq4z8pDWZlcFh4ht9hPl_7rjERYRACKESiDGAE&vt=10&cbvp=2&vis=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C8DD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoAlXuY_lS7rFH3ZDiAGkE&google_cver=1&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7nMqa71ivTlleJ2
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7nMqa71ivTlleJ2
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 05 Feb 2024 17:43:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmQttzrRcAZYgNwMCiKp60TmYsqoz93RLNuNdGTq0FgUdWtJ5W7Z3mFIPx0uUoe6ykuzTZ1aa7loOF85f7nMqa71ivTlleJ2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Feb 2024 17:43:53 GMT
sync
x.bidswitch.net/ Frame C8DD 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBkEgTkKxOVN2RrQ_Bm3uVE&google_cver=1&google_push=AXcoOmQStajMjl_TyUUyCXLzx5uCWTK76PBknEuNGdVj_0uEWHIqoydlgDSs36XVxNHY8xVNPqpUw7q4kvtAQK0X6sAIzCSEycw-
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C8DD 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI47xr0hK1o3HhF7HUjpWVA&google_cver=1&google_push=AXcoOmSwY_RRJXDol2-gp9CAH1WZZJ28lK-_E9ZVbirruCN4zY1YtsyPsVSiyZlrE08o4nLjnBWrLaKDC_ingXtBYllVhJvOU6-2
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 05 Feb 2024 17:43:52 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C8DD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJeCfnY2MOtWOHavbqpmXg&google_cver=1&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFGkKH2OorLBzylXOMt83ybR91sA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFGkKH2OorLBzylXOMt83ybR91sA
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmR_32lR42qGmQzbFb4kotkYUB9FhSW1DZv0KNvOTV7OkPFNexN2JA2RlwmqCif9jAEypFGkKH2OorLBzylXOMt83ybR91sA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame C8DD
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71&google_hm=IHKnAGZHLSjECmypQa-YTTTW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71&google_hm=IHKnAGZHLSjECmypQa-YTTTW
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTD6BkIHPMGObNeBsxapzVDzCM9-wLlGHYj2NieAmkpA_XB3ZEo0WLHLgZInvS3Up2eXp2ohN5ZAK-Vgs-MMpEzCWEjLR71&google_hm=IHKnAGZHLSjECmypQa-YTTTW
access-control-allow-origin
*
date
Mon, 05 Feb 2024 17:43:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
pixel
cm.g.doubleclick.net/ Frame C8DD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGiHUWFVHC9Ao4sanWf7c3M&google_cver=1&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKK...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKKpoi-vXyW6CeLUC8
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKKpoi-vXyW6CeLUC8
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTuVh5o-cM_rsCGQ1t6vJmrWq4spjXVYDIZ9GEV9HBzc8WIWgaAg9xTdpPvvTNsdYDRFj1xeHOYbJKKpoi-vXyW6CeLUC8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cm
cm.creativecdn.com/adx/ Frame C8DD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS9CToB5QRbUf7hMVC6gZEZq6yGm903LkRe5c2B3ACx4r2F8VaFWYSzPUWu9q0Sbo-a4KHXFcLpsCGnbh6Dg...
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS9CToB5QRbUf7hMVC6gZEZq6yGm903LkRe5c2B3ACx4r2F8VaFWYSzPUWu9q0Sbo-a4KHXFcLpsCGnbh6Dg...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&googl...
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT, Mon, 05 Feb 2024 17:43:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C8DD 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFBmGymnRFOM5DGO-H8oXGuOC-SMLSq9TaDywfUlFNrTOspYPCg_3uMcaQDTxksNlDjPds
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame A81B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:52 GMT
expires
Mon, 05 Feb 2024 17:43:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6673
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc1qzw-DIa37QcrVPsmk3XwQyRBTeNEA3okq9E47zKZU23JM7JZh1yI
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 17:43:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmTZaTnnu-qLx_g1Qgo7zY-Aa2CzaZzeYtxCXcmf3zc1qzw-DIa37QcrVPsmk3XwQyRBTeNEA3okq9E47zKZU23JM7JZh1yI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6673
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmk...
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmkTg5fk5q1l0GWg&tc=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmSKN9QufzMGf1fmDcdpUCIc2qTdRUbnQ09DKrQOpeq-dzj-ku14_v3IgtTjxfYEFishsiGLUrKtWJ8ykaVmkTg5fk5q1l0GWg&tc=1
pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT, Mon, 05 Feb 2024 17:43:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6673
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDUny11NTICbDVF25ASiCJg&google_cver=1&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPa...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPaPrVzX4g&google_hm=eS1sZ1VuWWRkRTJwR1Mx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPaPrVzX4g&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 05 Feb 2024 17:43:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRLk34kWDkJ-LEd2-w0le4K1To-kSDJRm3c7k418dm3zUX8SIOAr4BK290RtCj5Bo0l1gfcTGgP_PaeqD_TqK8BsPaPrVzX4g&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
content-length
0
dds
rtb.openx.net/sync/ Frame 6673 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKsV-bFm8kTzXDtrtZ_ZlSI&google_cver=1&google_push=AXcoOmRM2cyosS4diYT-ek3UrQH1BAaRmi6D8ecPxkncyebVxohTOqrjxDGII9omRiKqzIm-hgk37ATHpOCnb4HoD1OXZ4ZeqS5mUg
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 6673
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJeCfnY2MOtWOHavbqpmXg&google_cver=1&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7xaBQ6FPu7wIWVyRu1oR1VqbRtZQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7xaBQ6FPu7wIWVyRu1oR1VqbRtZQ
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM5ODEwUFEtSC01NjhW&google_push=AXcoOmTBBRJAWu0Ekb5n5Ux1ogPA9aoHAPK50d0x0Qff0Is_vVqgEH9oqoRfsC3dQibUeIe3DD7xaBQ6FPu7wIWVyRu1oR1VqbRtZQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6673
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbD...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEED4E52zEJnpw8qeyQjD0U4&google_cver=1&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbD...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw&google_hm=IHKnAGZHLSjECmypQa-Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw&google_hm=IHKnAGZHLSjECmypQa-YTTTW
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQVkT9jKgyoqaOqO1KJ-GMPo9Zo9XUJtRSYXx_JFLp5j-AEuvkR4MndBaFTDKLb3SPJvOVEH3CexKbTc2PbDlaQIjArPX6EIw&google_hm=IHKnAGZHLSjECmypQa-YTTTW
access-control-allow-origin
*
date
Mon, 05 Feb 2024 17:43:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
cm
cm.creativecdn.com/adx/ Frame 6673
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS2J9YujTz8Zry8VVGYSRfCo-sFsJYQdOhB4gkc3snHhvaCca7IWPTcXbZDYcNk79YxmaEYdYgHisndqaIf7...
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmS2J9YujTz8Zry8VVGYSRfCo-sFsJYQdOhB4gkc3snHhvaCca7IWPTcXbZDYcNk79YxmaEYdYgHisndqaIf7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&googl...
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT, Mon, 05 Feb 2024 17:43:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6673 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDgQYHYcg4CGrVTglfUfgVIHcKcoXLI51MdotzBSF_wDDcNivMh8i5yOWqAuQOT0kEo9zc
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5378
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:52 GMT
expires
Mon, 05 Feb 2024 17:43:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155033932&cb=0.0033963021095073653&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf552196035f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155033933&cb=0.7565835245771775&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf552196135f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646966041291721&correlator=714081407294522&eid=31079527&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&iu_parts=21715141650%3A401774271%2Cdesktop_side%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%7C120x600%7C120x450%2C970x90%7C728x90&ifi=7&didk=607649711~1256112902&sfv=1-0-40&fsbs=1%2C1&sc=1&cookie=ID%3D5a28b6c48c3867bb%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZqdi1sYpK8nd2LcWQ5VRVuMLxCbQ&gpic=UID%3D00000d50cc3528d9%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZfJfcqEgWifTojETI9pqjhFCgHYw&abxe=1&dt=1707155033938&lmt=1707155033&adxs=0%2C0&adys=0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&vis=1&psz=1600x8680%7C1600x8680&msz=160x-1%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=true&cbidsp=CqYCCAESHgoLc21pbGV3YW50ZWQQYyACUgtzbWlsZXdhbnRlZBIgCgdkZW5ha29wEHggAlIIYWRrZXJuZWxSB2RlbmFrb3ASIwoNc21hcnRhZHNlcnZlchDQDyADUg1zbWFydGFkc2VydmVyEhkKCGFwcG5leHVzEKMBIAJSCGFwcG5leHVzEhQKBm9uZXRhZxArIAJSBm9uZXRhZxIXCgdydWJpY29uEK4CIAJSB3J1Ymljb24SGQoIcnRiaG91c2UQ5AIgAlIIcnRiaG91c2USGgoEcm9peBAfIAJSCGFwcG5leHVzUgRyb2l4GAIiJDI4OWQwYjRiLTI4NDgtNDEwYS04MjYzLTkyN2IzYTQwNjNmNyoECAMgADIHdjguMTcuMEDQD0oA~CqYCCAESHgoLc21pbGV3YW50ZWQQYyACUgtzbWlsZXdhbnRlZBIgCgdkZW5ha29wEHkgAlIIYWRrZXJuZWxSB2RlbmFrb3ASIwoNc21hcnRhZHNlcnZlchDQDyADUg1zbWFydGFkc2VydmVyEhkKCGFwcG5leHVzEKMBIAJSCGFwcG5leHVzEhQKBm9uZXRhZxArIAJSBm9uZXRhZxIXCgdydWJpY29uEK4CIAJSB3J1Ymljb24SGQoIcnRiaG91c2UQ5AIgAlIIcnRiaG91c2USGgoEcm9peBAgIAJSCGFwcG5leHVzUgRyb2l4GAIiJGZjN2Y3NWEzLTRhNTctNDNhYy05NTY3LWE4NjAyMzM4OTYxZCoECAMgADIHdjguMTcuMEDQD0oA&dlt=1707155030533&idt=476&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dsaopaulosempre%2Ccom%2Cbr%2Csaopaulosempre.com.br%26pathname%3D%252F%26placement_name%3Dside%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26tier%3D3%26amznbid%3D2%26amznp%3D2%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dsaopaulosempre%2Ccom%2Cbr%2Csaopaulosempre.com.br%26pathname%3D%252F%26placement_name%3Dunder%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26tier%3D3%26amznbid%3D2%26amznp%3D2&cust_params=url%3Dsaopaulosempre.com.br%26categoria%3Dhome&adks=3974113285%2C102263104&frm=20&eo_id_str=ID%3D2b10264767b30130%3AT%3D1707155031%3ART%3D1707155031%3AS%3DAA-Afja2lfyo04KBi_8ypjTzdEOL
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3c91685b0e9e0d8c0c5175a21c349e0b66da7d9a67d8c0d31825d1851b988fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53590
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Feb 2024 17:43:53 GMT
syncframe
gum.criteo.com/ Frame 8F0C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=saopaulosempre.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:53 GMT
server
Kestrel
server-processing-duration-in-ticks
448752
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Feb 2024 17:43:54 GMT
sid
mug.criteo.com/ Frame 8F0C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=saopaulosempre.com.br&sn=ChromeSyncframe&so=0&topUrl=saopaulosempre.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=RWylBHx3MHBDcnM1Zjg2dWlNbHRJYjJuWmtkbGcrc2U1aW5lbkRQWFpvbFFQNVhaTjNCcUc5Zm12TkowTlV1R0k3UzVBS1F3L2kwNE9FRFcyUjNDa2VldFBxVUdOL2wxZXBlWDFRb2NKZjNCc3RmWDlsUkRyRWdOVXdoQ2...
457 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RWylBHx3MHBDcnM1Zjg2dWlNbHRJYjJuWmtkbGcrc2U1aW5lbkRQWFpvbFFQNVhaTjNCcUc5Zm12TkowTlV1R0k3UzVBS1F3L2kwNE9FRFcyUjNDa2VldFBxVUdOL2wxZXBlWDFRb2NKZjNCc3RmWDlsUkRyRWdOVXdoQ21jbGE5OGsvelhOQkY2QTJrcVduS0Y4VFVGZU9XZDhwQ2M1endEeHRoQWVFOEdySGwyMDVFVVJZbk1iL2Z4aERYSHR2RmorVjVwTjl1ZXBSdlJTWTI3Z3FMUkZkNDNHdVRDZnBTTnJTdDVJY1U1aE0wNHBQak4xdXo4R2E1dDdLWU81V2hsT2NpeEFOc0RoLzcvRXpCUWhqeTdpUXBzc2dwMjVzSW9GZ2l5YXZoa2dyL1JoOD18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f0d3deb205cde7ee7d4f0b30b680b2f56194151f6d2ff84961675b69cf2d3042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2794036
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=RWylBHx3MHBDcnM1Zjg2dWlNbHRJYjJuWmtkbGcrc2U1aW5lbkRQWFpvbFFQNVhaTjNCcUc5Zm12TkowTlV1R0k3UzVBS1F3L2kwNE9FRFcyUjNDa2VldFBxVUdOL2wxZXBlWDFRb2NKZjNCc3RmWDlsUkRyRWdOVXdoQ21jbGE5OGsvelhOQkY2QTJrcVduS0Y4VFVGZU9XZDhwQ2M1endEeHRoQWVFOEdySGwyMDVFVVJZbk1iL2Z4aERYSHR2RmorVjVwTjl1ZXBSdlJTWTI3Z3FMUkZkNDNHdVRDZnBTTnJTdDVJY1U1aE0wNHBQak4xdXo4R2E1dDdLWU81V2hsT2NpeEFOc0RoLzcvRXpCUWhqeTdpUXBzc2dwMjVzSW9GZ2l5YXZoa2dyL1JoOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
288289
content-length
0
expires
0
container.html
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Tue, 04 Feb 2025 17:43:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F847 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:51 GMT
expires
Tue, 04 Feb 2025 17:43:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 52C5 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame ED02 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED02 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZZuSV2XEtLVMctXYZLYhPFtpoksbJaqvBRRs4qtLFsJXvO7SGSEG1OpKiwzJKIrR0y5kxnSULLsOw6JNY7zBFJrWrpD9Z3eQCoWJ55k4hUtYHjlk
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame ED02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 14:14:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame ED02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:28:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ED02 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 78AB 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:43:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F847 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Origin
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 14:12:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame F847 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
77598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:10:36 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame F847 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
77692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:09:02 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F847 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
513356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame F847 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 14:14:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 00A2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:10:44 GMT
etag
48472445140208031
expires
Tue, 06 Feb 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame F847 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:28:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F847 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4N1K_elHK8mrw5SdbnVoWlvB5xagrYQ7hwhtEyyvl5nu04fngNojEv3G0wf0WuSJguPH-gTWZ59pG2xAE91gEAlCDtxSsAhjJTR4yxAh_lHszyZw
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame F847 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH7UX2kPHhoVG4_BiJ0_DYoG7u_h_SZr1cnI0yBmxBiTdaCdb4wQl8a4H9j7-re8fGqAFU02zb2lpyDMdXyhL4o2aorQ
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F847 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:54 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 00A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1&google_push=AXcoOmQb4Q9YwlFWMKdDzHEbNq-gfnqwwYM8oEZ0GNGVTk1pDooiC3M8yntI2ZvFtIYtgSnKQDVC9j9HTXn-neECLwbiH2eS1dowcA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQxODMzMDk2ODM1MjIzNzk4NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Feb 2024 17:43:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKlM7WOb_97qHKdiDe-pI0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00A2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoAlXuY_lS7rFH3ZDiAGkE&google_cver=1&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXdLVIlrYHVPVEEHVA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXdLVIlrYHVPVEEHVA
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 05 Feb 2024 17:43:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA41013782F248CEAF86B444809ED545&google_push=AXcoOmRr4I16EH2pczTJJTGYErjAG4nCzlvfz5AiOV4N_iRneiQ5G-F_tix_Yr7XtduJ-D3tp41LGnspJep1eXdLVIlrYHVPVEEHVA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Feb 2024 17:43:54 GMT
google
match.adsrvr.org/track/cmf/ Frame 00A2 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPYiIj46xKeB2Gi3a7E0LeA&google_cver=1&google_push=AXcoOmTquYt0f8rtvoQHNTMRGwdI5LFx-zXWs0B2jxr_IKmnmm4723qaoXvC735ZpY1nbhCDkeF9H6pAw2VL-eBbgb5XkFai_Re3Yw
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 00A2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmRYRM0JpPASQ1Cx0g_mXC-8o9RDuj-G8pMHv37G1FxO1yDaTAffzhHc0_0javgkiTAy-rS57C3ibcQITSSRf...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmRYRM0JpPASQ1Cx0g_mXC-8o9RDuj-G8pMHv37G1FxO1yDaTAffzhHc0_0javgkiTAy-rS57C3ibcQITSSRf1_vQNsZWRILeg
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=K9yXaN08htbgK9oUBr5U0ohGWQ5vVUxQ3DSMI18qJlY&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEFNzXRxYxSau3GJc6jPZ4d0&google_cver=1&google_push=AXcoOmRYRM0JpPASQ1Cx0g_mXC-8o9RDuj-G8pMHv37G1FxO1yDaTAffzhHc0_0javgkiTAy-rS57C3ibcQITSSRf1_vQNsZWRILeg
pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT, Mon, 05 Feb 2024 17:43:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00A2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDUny11NTICbDVF25ASiCJg&google_cver=1&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5Uj...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5UjxCHiN&google_hm=eS1sZ1VuWWRkRTJwR1MxSm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5UjxCHiN&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 05 Feb 2024 17:43:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRMuJaP0eITn5lrXoBn4C2z2k4FpXf-XeEvhVBTglF0kxH26xGZy4nUwixRdBJ0PsJrMLBV2_BSsFYXLaVHIiU5UjxCHiN&google_hm=eS1sZ1VuWWRkRTJwR1MxSmhCblFQMmRaY0x2eFZjM19MSH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 00A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCP...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCPDi5DhljZTiIS7BplnDq5Bg
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmTrcJr9_bNouENdyLlzZvYCYOwWQV19UlWjPX8HUuA2AJJb1VBLgoBkZKRKa-e4KSoqemCA1VCPDi5DhljZTiIS7BplnDq5Bg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 00A2 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKsV-bFm8kTzXDtrtZ_ZlSI&google_cver=1&google_push=AXcoOmSr5lhtl-B-14IBVrETZL5qvTJijeYrrR5fqjt5UhBp0PPKFw0d9JMQMH7oXwVUl7pzTciav3lY26w0cCOlQmA9jgggk5WEjg
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
attr
cm.g.doubleclick.net/pixel/ Frame 00A2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lco_erKd2y0iUKkY_u_MIHR3W6AxH4C5cE_XDFH3g-78bu-FBk58K_h4ol9HyVMXFVpgRK
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4F47 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
513336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F847 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86b7dab44342ee15ca8ee2da12ab1d3deb3f74b3ee66f24282490ff8fd9f2a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 52C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19DlXFzbAJtRKytspUUvBCtMW4%2F%2BXCZv%2FLOKa%2FObmokgPCW7ga9mh4T3%2BlmWS%2Fdcnctsn7lFv2m35no46uJQwV0ASFFrmygCYK5mtK0BT%2BIVHy1ETBNk4wgP9HOhFt%2BJcPR8pTJOVsxQ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
850cf556285f9975-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ILgLyvj3qs0craBxb3d7%2FCSHUexrNr0QwYWPIrkulQeqdZcmZa7bqieRwU8jCvZmeQRtCkGnS3AVc13ZH9WZOXkdtGJWZeYWbkniuDyM0JDR4s0jlolGYqsraDjrmkP%2BTfc3imMeHVAUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
cache-control
no-cache
cf-ray
850cf555f8199975-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 52C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcEeWj91O-I6C7pV-tZH4gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5QW0gkaVj%2FIBgmXwPpf1f1vE%2BYJjI2HRbnK3LRzWNbV%2BO1xbY2jUjlnTt6tL%2BzNqGJUt5MK5JYoyPQ3Ef905tV8r1IVxpFYqsh6hCOfJJpIK8Q5ArSeJYtnT0Je6v22jEb26Xo9b6t9Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
850cf5569ec51c09-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 52C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
an-x-request-uuid
ede30349-0442-459e-bad7-44d98a423a88
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 52C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNXHMk_we8nuQXC75WCG2p0USppEPT6hi1mWkURJgyIfeXup8K9Se9kADXdi00EOdkWLTbp2CoCP0WXXFfA7IfZMpJ_0gEZPN6dDIo8ASvG2oDnMMgOk_v-CGdt3eWqgEZsB-SbM1XaBJkJefQHrj9jXOwjVIFXq11uKkc4H-feDhBWnd0eUYX-0-Nv1Vib_KltXk_MzPXx6omQkZ3Rhb01xtFZuwQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
an-x-request-uuid
638bd5e2-5206-4ed4-86fa-eed7eac8fedd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 78AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5T1%2FF8yPlSthxqLq7EthIQeIVI93U%2BGrHgt86jMhNgSBpfQGspuHiEwQwh5DmPDor1Muhr6RPyOauMeYAw30VFUIkZ9haB9kRlaJHwDWBwEqwnTliiWuwNk1uyEU2flgVNHhmG4TCQx0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
850cf55628629975-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfH80BDdGJce42OaGdNdYcsXzqOYQqpJOSjMARF%2F6sifVmUVzOxn6MDIugL63yh42HpqO%2BOhENTIy8iK6LYuNM0YIKqrF9Dd6x4Rr7jPp7X594Mn3ct1CzGdniMWrWRT9z2e95u2PR%2Be1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1&C=1
cache-control
no-cache
cf-ray
850cf555f8189975-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 78AB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcEeWvsLnnKaTUyv7xM0mAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beIBD%2BU04ELswEHlLzjqYm%2BEY%2BIz6NktSSvLYz%2F8UjbrJUFmF40iMySzNQjomDSXR6KQXIFqNDyD1LyF5WDEhJY%2FJZmIoAardlgsnMgy5y0TH8e03rPgp%2Bfv4MHPtxAmemjTjuxRUmIEaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
850cf5569ec81c09-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGimdEF2Go9Mv3__WYWyzco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 78AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
an-x-request-uuid
39f668ec-d291-471a-9c51-60a33120121e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGUJ41tdKo0lUVanpZqJQdU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Yo6LUrwEwAQ&v=APEucNXI5RpP8hiWGHcUgStncdmSq5lSSiwVBc1doTcBylDADF435B2yu3ncW3WzX4QReRfWRHyTIrENmtliRdRFqoM6zgthSIke87eZ4z4ZbPa_SiBjFR_7E_nfG04rDkpkCom5xWA0_bMqqnkr_EAoiaeG7e9rKFmb3HgeXx60Qyh--YuMiZlEH1CEgU0oSxdOEfOgksBolZPY_jICg_jCDrDwkcK-ZQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
an-x-request-uuid
e7ab197e-e573-48cd-b431-6dbbcf5725d9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwNzcyNzQ0NzAwNjQzMDYwMw%3D%3D
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1969556844073&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1969556844073&version=m202401290101&ct=76&x=1&cor=4589270900344061000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame ED02 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cv0xc5or78t9htM3JQjFOfJSpEW54ouM14uSC_ZS4pGEZ4hfld4i1ouF4mkt5PF9YUHElhiJT1-3EznmaH5PipQMRtCGFTdpcgc_VW0GPDdXwzDvO_1TMK2bGnoqu2wbj3l1tnE0PqoSSRU11CwOm28upHlj9WoyuGnM_1_NVzpVe69oI&dbm_d=AKAmf-Dg1kBOOjcpbW_PsqrcfpwIQO28qSkMglKcmTt2Fa7XfzKN_LaE9wt_QisgDbmoVcyd5es_9eZBxiIdya2jTqxtDNM-DuFHlyRKDpiRxavgLy1E3zZv6k-DcsWvFTRzEYwuh5sT3HLYlMa8b2o1LYLKCfHj6LGIJmGd-6ARHlD86pY1pGje2q5-w05ZXY_f_Ocs08L38y0uER6aqn4U7BH0HsdF-9tG4WFT8dIHSIuKCxtzUeLveSsvcf89-lJoXqsIiX-J0QiGTN5evwJMMNpPDV5qeHQQV_b0e26ootD9KSLxHKIyY07MY6rRc75QOCpB07BOh_U2f_nrt9DcCsyDi75hmAhFbNce_3lhq1MsAbIUQQxmZ0yn-sQvpwco1Q5nDaBcipMdiQ8VRRmzqncnf01s93igp-rRVYOBcXM1n53z17BUe0OEqWn-MZrIzL95ij4E7ivyoIs5I8XL-iGFB2wh_ExCU19jk0MmEuDJNA3om8zN93bHxWFbfkJ08RhcmymsKYgoO6dLy_4Zp-jwd7svnr-fcA9TuG1JX6E5VjIu0P37AeiAnH9HznDT-pTBTtG_deEJhcVLthQ5Jm-aLZo0sGeWLvqJKo2V0588j1WxaTIjQFB3y9mLHCk--EoFOvRI1fXT8JZ9x5lezUV8WS1USIKH-1EGUMakB_fr3vrsDyezyGlBki_btHWzC2EQ-SR7rTzqQCsSB_HkMPMBi2hZtBwvN87oqiNlj_wrPou1EbMK1aH9VjVLLfN7epoIBxj4p2VJThWDgQzlOnenQkWEXfNWQ5tKYfqZB2FdsHG4BI9nwDiHqRh8S9uazSnvkA88d_-Tt5-vXriJOjGRnJXDSEZhs1IDyHt8McBzAY1znn62K9t3Fa40Ydie9-6wJSl9zWawUolU9KUknyHJqTXh95dE7-nbS2TWP1sKK0LfpRPfaPtT7uF9WRZZ9g8iNY06o4xToxPOv7CrSzqQfy8p5UGQF5vhN__cj_DIvQFD3P-GyLJMjH7UyD2LPapN2z3GFoIO4RC7pNNXxVwLXORpkQtt2I9xe4JtC2A2bOdqgkrfrVQyEU087uBuSA3sZ0TiEkhCtRDdyI0Po00XLEQUDUaxapbA3cIV8nNIcRtXVjq3QT4nTgZ1goVeBA24a291E26yhBGkhHdi2xf6CVAWR8mWZdJJGnQfECEgQ-AcvixnoEfG3t7SeUsfkSeBKz5AnN5DLQLRgXUkJSxium-hBSpKORPlvRfBd-B3AZFuk-ihjoOFfPJKborJQItqvZ8SDLLbf-TAYYW1Ttd8bNQuDcQObeF_icjj_XYOshmQ8_gyXEG1vOWBV46Weyi3WQuBFZhZu-untETCz2CAzLxhPBqJKK11qaRTlifZ-ZtFfVY2bmuTF08AGnd7uZV19Zrc1kJNORLHQniPGoqbN-zdRf3vTzAl8uncj1KWcDq6GRqavcg9n0KJquVOYjP4kFq3qpjRdmWBNPy9pQawPrBekenySaa1f4JnUIa9o58ugQpRDb8dtjXxmgqKxc3_wkVzWscfuaK5nTTQAzLDK5RGtMfzrbIFyWBxhoDmxNR7xNvQUVCC3VvQxQl-tRAEPOqLsSkKcmpxPqUXf_WOUMZ1Se2Du6UWbH9oYsS-3eC8NkG0rsJONBVmU0cQs3cyXMsuhdW1SN441t5uN__pWp804zy5GnKMpDUssGv7giLkzHRgTP0towoP0Q7zXiwTSLS6vyKPGybTp7EKPJxdO2Yjd6gxoYzasTznuqSmJql_ZU4_sxijeWKyTdesG1w-TD0X2u0IRe1Cck9lW0Wj9dMyDZpKlEz5WiOvFzRxJvvRoYaPZi1qntYdwTbLMEU6-waUmZ-UQF6FerD8ratdKL3jmDAYnZzpw7euCKRGxGHFfq0iJDyvFrz4qtzr58D1HdKKkCNaqaXQBew1bGM0bYzr6jyIj-A3H6q8ZeOtb5LDX8xL7aqc974lkU6pklu_g4eZjgyMDGyi3XBKaWS1hkcOuLi4FEZvS9mYUJrNfiJaV_2CJS8uKTcoTUzfGoMa03cQtg8y-pOcWVS9bTz9VB7TYmKP3WbtTdJKtsVdhdHkNzRaqwhvjm_TTlNmYKXGdqaVe3h4gusSd35MGT3JULqvJMkVCROqIoa2jxrn_SQiTTLTi5Vs1v9lzYkC3bWUKHuC4XQ9091TkjL9ZaYbyzivGOl4-GRKazi3c4q62j50YGjcZWyKU3vawv5Dd-iEHBkluuxFXAPdEIW4gGYddcMzNmKRoRrJF4Oe0yCKaRKGTcPf17ZxEol3RFGixQC72wxdoymoxBQmzkF8x9XiYgpvWuudMu_CVcrpC3bKHFrnAiuw_oRkPdpwwKxpTsTSBe2v9UammT1brmvbJ4w5hHyb-VRS-zjyhkI5f6OGJBnLTgWfUfM1fQExO1ShtAZv5t3d3WKx1hXU3orfxbAXsgIcUhcBZaU1n-2xdyH5hp3IC2-epixWNCydgtmCP-uItVqSnx_V7IwtstSxSpH_fTSm2coHF70hNn13K4QS3fE33_wrusBadyrvMyYmv2YcMp9Eu2PndQo_aU5eo2qh8iZA-OyDl2ghC0hq_6vigkySSGnqL1O8ScWMTSGAleQ-jzcXHkH8tp5bhX1ptAvo4OpBRfzQ9vtYL8wk5qQFydWAEit2AVngTMUdi4QG9DAMDfXWfXUvNhObcg9DFGciMpCjdSUVs7ydqWg3MrScaNoi7MaHggYM5cKxeHAZffbXIF1OnQlSJ8hKR81_ODbk_j2o-6mf-H092Mrhp5ycGJkxjJA1WP7at7fJbYJ7_zi008dRSI__ROQsoeaosmGtuqglEAujt6jZau2aycv7X3bF3EnnL8nGvOBc5KfCqCYx2MU6po1K3cvWg6IwsIXc22g2GnSKEC57DiYnuDrjaFuuiKvdQu5FiJkdoJJbErd4Tc5tYKBv3iRPp0vjaQ-38cLDXTy6Fq3eJF9ety6sz6yPgAtVwWtiSUQqFmwlDWyTmwMs6S_kuq6r8UKwITrxFw-MRqisLo_En0fPsn43trgu9YVxqjilTRDnxFn4F0wFm0yU2hbEaPj3QqYF55K1vqXJBl2UdI-z33EgMSDdg01ud3y9gMBGXtDSVjO6Zb-ABuhmhfsHbOns1SxPlp2OPcSCm9GTtQiqr-TSu9P8dglOWweCZSiOZvhC1t2hCoHk42E0JCBLSa_xnAe5rwzUVdHPLVpSG86w-qMtjRO_qlIwqpL4FV97tWYEVcDC-kH1HMqQpzThcJ92BlVKRp6v5CqNtS9baxJXo7ul71lR8qNBjEcttC-ZDxPFQEv6ZXWCQJ4ZzESYQWBEWxTCkcdmAc1QzzJDpLkXHI6d0dYAQ_e-LiUP7VcLea5AXpRy6TcRzAkOO31douMpOGLvAX4akhffhCen7fWHu8EPG5pfabcdjf4pg_q9OrsgQdxTrip09CMODvW_TlajGRvQ9reeAjFRiiUL3VpG1Cr2pBrNsjxcByaRLTqfHkpJ9hcXyGXrpg7uWgOV7kIubq3ANcDzXpaTO3hyujBloIg7_TjCiuYbVfFu8eQTBTu0A7UpVL2co44fxRDzgrGZwfWa79moA6CVytNwFaKA5cYhayOCBa8pYCKyRTDS4ADloQ8EGUdUWiH3bjE0lm7NApQGJ-POc9ytZQGoDpr21tMYmU-sVATEKUFlyDOdAmaYfkUK0hfCQmf1XnwPianatb6wpyJD2I_w2-MW-zbKpF_pAQ3TJIaIl5qb7066xTw0B_5Du-e9HG0Y9BgshQqW7nK6lInLe5W29xRDhG6-tbs7ZaToN-EVtfphQkHjO1hWxzj2CZhk-owPeSdnIwQy6hGuroQwlRRYk1FwF2NPrbcPlCu-0GC7aQMVt-8jn2hWvBBqFscFkqKqr_UblcHwYBhIi5cm11n4Pw&cid=CAQSOwAvHhf_p3O4G2Hcn7RmksoakQaK2r-v5oQ5_T0a_8au2i6kxfhud9Kde_hWUzbdPOrXuhn4k8UbWD_iGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fsaopaulosempre.com.br%2F&ds=l&xdt=1&iif=1&cor=4589270900344061000&adk=2086295848&idt=59&cac=0&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b1bbfc9822bce47a4582cc9919d31dd4848776fd6e8213cc79756efd0925712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43004
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/16729303103553088595/ Frame F759 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77cbdfd5ca30a3b1bd519a5b12e4ef06fe9dc816a0a9652368e5123247a09cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
514341
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2709
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 18:51:33 GMT
expires
Wed, 29 Jan 2025 18:51:33 GMT
last-modified
Wed, 14 Jul 2021 16:27:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F847 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvEbSdmFR6eUhQmbuippcZpRP3_sBJ2b8JMHEVvlPs0dfQurQQIwg92x7Gd1fA6Xjg0dkYGefL3Yq4q1AFw5G66H6d9cnqCkzkv2sCXwDtg7dsFIYvgW1_kTCwT4gi6vSwVdO-8N5u-fhPMHBT_Sqiv_M3Urso4mWSMlm1Ctt-tV474s_tnZPyy7MD9hO_-7fLLpzH7niYHXef_LEobmYzMt6uu-j4IMpaJ-NZZ0DpQYPwocEylndUhc3PK1HHFORPZHhrsFUwKz0vJM5HhNafqNIqTHh7Ma_TGoQsI-cMS2tmkCOxzubTaohIhahbb_9quwBad8lpbU2nZy4lJ3jEPJi7S9TX_oVj3o7mZClQC8s1-GKAwX_TL3w8IQH9PniLOEendLBlFS6wP2AKZj5XcRwMvqQfB3NToXQN4Q0oLfae6cdQmmoSCdcvBe6GLnsUxlaRMtkyLGhjys6vUJFgMwDowZqXlRz1b_HLlkG5VkJUS_zFfvkxS-9XIifcEzRG0LfsntsuUYOd-oSIFwCD3oIOEQafW2g9MWysh_rRAwCQTe-ZFSjsYSdkmttANhRmocV643JwPasjGiYsh_jkr1hiRbTvl2IdWYsdUHFXj14sGwdbTK37f2JkKIbNTBKxOcZtvGPlNnfDGTmvR3r9-n9FCMJU8l_AGtbFajGes9rC7w4ZCx7-vTDqu2G9kqi0jJd9MN9zyJh32L8MvtWcpVphWJmu7to8j6BIJnez2nEBsvaG9R3nejA4cIhuU5qobB5upeoZxtEvyz7SgwDSUYjn62uQdEAbv48MgM1ODwLGioOIRm0fkYfAn2fX0Tnpve6vHQSUzQXeB31f18dPHlkvkJzJ6w93M64PNgAYj8FvkbtCKuQW9LaStei3000Yx356W30j8MeCfH5YJDjKeKaqMiqTrWarM_ocyn-Duz5dep3vJ1mVj-a6Ao1m77yGC6waUEaRyvHXwqz7-knSdPaEN9xYF8MC9wFi_U1n_y-sfzxj7R0LWYFDGnQ3ywwg30_MgYtxFFelkSYwNX7WAgRXWLwy3bXjFgi-Cp_QJapAbkKH08Nz5rJ_zeMnFivs1fPYPy1-S7NTwo0tct9uGvK-YxWSaCK3VuTK0t2C40gG-b4EyTSkYcuV4scVGW-dHh_95WGkddX7xAcuQvxMbQ0Of9lGhQXD_wo8iVmST3gwrc4jFV01vT5KBplyLQxP53swBXhPuCidgfU6eQOcZnwHQeowsOTiQlUeskZs1SxT3ZGOzv3V1gHlkr8COKFi6gFCPiKr9h3SFM4xJYvoumH8dCk8rFo_BIkik_Pqqk3jboStOZric7Ix5DQ3tRMipiRJ232tFiCLJ3bMQqqqxGc8qGug3YBbG4f-ZKjgHTwL-epkp4qqCKRZGPz9SWlxB7DEVF6bv_YqiO2BTL5Mqw0GvYTICvOq01pa-aaqVvBPGCpI5O1Lcii0w8MXTSRH9rugb2RkGYL-W5WG71xedPto-1IYlTFc_WVOonzGTMORTcVwenwRTA_26hOS2cmDY2kvFnN5sfSzXyRUc1Y9iqAetRNJM4S1TbrQh5-UB9vpEiSurAU7TqqnqpSP0FEiG30V3nfflaAxU6RnTNbW19x1BxCb6&sai=AMfl-YTBkZrDf2TXfw-jnzMSOOaAqjzDOcfDrz8HiOAO9NPb7P9rjWclsQnYSKEgHX4hzoMGcwH38o_BOG2bZVgV6pdNnbp7ns8cRTCpGu2M7uyBeLnwQyw1pfKOxwJTO01nKnfgvk6uR9Ku48gI2vhFPqR2LpoUHRbbrLEFO2Jhyjba2AoDLQoVlx-J8svoY1CtTZ4qfsx9SfGmXyi4XsYO5oSUJ34XqNWugNIIZEAkxCTJ-hHx82eyJv_VOJ1oVdKXvkEtmQKLOaYTD8WFO0dK68q1-LLKKdfgFL-PFDts0dXu6-GR8l_DIcDY6AgaTxx_NyxtZLYRWifTLkP-05PVPbQO2lk7xLUOqVU-c1QamGgGlyL6Iyo-_jfZHqNDyF7GcplenNm-bvbHIJZeyckeObD5_15bZUjh5iWfhPGwX--PMfWG&sig=Cg0ArKJSzGo5nfEKBeyoEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rbG0uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=1&cstd=113&cisv=r20240131.73214&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:54 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4F47 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 14:14:22 GMT
banner_728x90.min.css
client.bannerspace.net/111329/ Frame F759 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111329/banner_728x90.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a190cb3fef1caa9719df1f801819c167affaa42afced9b6e394dca454732c2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:54 GMT
last-modified
Mon, 20 Nov 2023 14:05:22 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1394
expires
Mon, 05 Feb 2024 18:13:54 GMT
royal_dutch_airlines.svg
client.bannerspace.net/111329/ Frame F759 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/royal_dutch_airlines.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:54 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1846
expires
Mon, 05 Feb 2024 18:13:54 GMT
winglogo.svg
client.bannerspace.net/111329/ Frame F759 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/winglogo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:54 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1891
expires
Mon, 05 Feb 2024 18:13:54 GMT
TimelineLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame F759 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TimelineLite.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5740443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3706
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-3026"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyyITSRv4tOKquLzPiR7BbSgV53%2BNftIi5EUshAbQUcvDnuvB6KvzDXf1rJplcMKr7TCe1K6OjFG1YVDusCQS3cUE4e2uJgu4ndI0YZce%2FzwvsqKlUTsn5ZCIfV4Et17C6ABi%2BNT40PliesJa9kESIhO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc68693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame F759 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5825485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SmqtksXm5JnO38aZLc0ysW0BpxX%2FkRxMLwLD8zudsiASS6GtUOhAKPO4hj6w%2BDn5jpNZFhl2Rvsd9%2FxPumtX5Wk2PfDXlqZZ755UwxU9dPCJqfzccC50yav0sCqoR%2FD%2BPIoLyAktKPPLeoYexQl5%2Bgg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc69693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame F759 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5825821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrqH2HNtgFI0yKIVLtl8Ovy2lCo2ECi%2F4Szk37Zgnpbh3mCSW9CWIdDXXb7wVmE5ZI7E%2B0xG%2FoIpZNRSIhhuk9OuGCCaQetMzpy6k%2FxdFKH%2B9Xe2xZMEWiWA9%2FNMfRcuE9gmGtXg%2FJ4f8l7JyBfgBb7F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc6d693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame F759 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5661348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT7nbY66wmkOlb18dMEKFm3frPD1A6TIp6EPqDPgrKpah%2FVlhOXnDy2d9B8rwkiX6F36WarA%2FKfF8rqKKCJmYOVIG8Luc06iPvV1bpZid42zufjPMEToiObYLsNFS7HrYdInjLAZS2zjbxpzalmUBSY4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc6c693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019497/ Frame ED02 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019497/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20833644696&bidurl=https://saopaulosempre.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0haLAaHxh7Us16bu_B2z5Z5
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c6a9da4bfc81cfd8dc4ee9ad29798d8e77287d4898cd86bbca8afd93b5d807c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame ED02 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Origin
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 14:12:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame ED02 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cv0xc5or78t9htM3JQjFOfJSpEW54ouM14uSC_ZS4pGEZ4hfld4i1ouF4mkt5PF9YUHElhiJT1-3EznmaH5PipQMRtCGFTdpcgc_VW0GPDdXwzDvO_1TMK2bGnoqu2wbj3l1tnE0PqoSSRU11CwOm28upHlj9WoyuGnM_1_NVzpVe69oI&dbm_d=AKAmf-Dg1kBOOjcpbW_PsqrcfpwIQO28qSkMglKcmTt2Fa7XfzKN_LaE9wt_QisgDbmoVcyd5es_9eZBxiIdya2jTqxtDNM-DuFHlyRKDpiRxavgLy1E3zZv6k-DcsWvFTRzEYwuh5sT3HLYlMa8b2o1LYLKCfHj6LGIJmGd-6ARHlD86pY1pGje2q5-w05ZXY_f_Ocs08L38y0uER6aqn4U7BH0HsdF-9tG4WFT8dIHSIuKCxtzUeLveSsvcf89-lJoXqsIiX-J0QiGTN5evwJMMNpPDV5qeHQQV_b0e26ootD9KSLxHKIyY07MY6rRc75QOCpB07BOh_U2f_nrt9DcCsyDi75hmAhFbNce_3lhq1MsAbIUQQxmZ0yn-sQvpwco1Q5nDaBcipMdiQ8VRRmzqncnf01s93igp-rRVYOBcXM1n53z17BUe0OEqWn-MZrIzL95ij4E7ivyoIs5I8XL-iGFB2wh_ExCU19jk0MmEuDJNA3om8zN93bHxWFbfkJ08RhcmymsKYgoO6dLy_4Zp-jwd7svnr-fcA9TuG1JX6E5VjIu0P37AeiAnH9HznDT-pTBTtG_deEJhcVLthQ5Jm-aLZo0sGeWLvqJKo2V0588j1WxaTIjQFB3y9mLHCk--EoFOvRI1fXT8JZ9x5lezUV8WS1USIKH-1EGUMakB_fr3vrsDyezyGlBki_btHWzC2EQ-SR7rTzqQCsSB_HkMPMBi2hZtBwvN87oqiNlj_wrPou1EbMK1aH9VjVLLfN7epoIBxj4p2VJThWDgQzlOnenQkWEXfNWQ5tKYfqZB2FdsHG4BI9nwDiHqRh8S9uazSnvkA88d_-Tt5-vXriJOjGRnJXDSEZhs1IDyHt8McBzAY1znn62K9t3Fa40Ydie9-6wJSl9zWawUolU9KUknyHJqTXh95dE7-nbS2TWP1sKK0LfpRPfaPtT7uF9WRZZ9g8iNY06o4xToxPOv7CrSzqQfy8p5UGQF5vhN__cj_DIvQFD3P-GyLJMjH7UyD2LPapN2z3GFoIO4RC7pNNXxVwLXORpkQtt2I9xe4JtC2A2bOdqgkrfrVQyEU087uBuSA3sZ0TiEkhCtRDdyI0Po00XLEQUDUaxapbA3cIV8nNIcRtXVjq3QT4nTgZ1goVeBA24a291E26yhBGkhHdi2xf6CVAWR8mWZdJJGnQfECEgQ-AcvixnoEfG3t7SeUsfkSeBKz5AnN5DLQLRgXUkJSxium-hBSpKORPlvRfBd-B3AZFuk-ihjoOFfPJKborJQItqvZ8SDLLbf-TAYYW1Ttd8bNQuDcQObeF_icjj_XYOshmQ8_gyXEG1vOWBV46Weyi3WQuBFZhZu-untETCz2CAzLxhPBqJKK11qaRTlifZ-ZtFfVY2bmuTF08AGnd7uZV19Zrc1kJNORLHQniPGoqbN-zdRf3vTzAl8uncj1KWcDq6GRqavcg9n0KJquVOYjP4kFq3qpjRdmWBNPy9pQawPrBekenySaa1f4JnUIa9o58ugQpRDb8dtjXxmgqKxc3_wkVzWscfuaK5nTTQAzLDK5RGtMfzrbIFyWBxhoDmxNR7xNvQUVCC3VvQxQl-tRAEPOqLsSkKcmpxPqUXf_WOUMZ1Se2Du6UWbH9oYsS-3eC8NkG0rsJONBVmU0cQs3cyXMsuhdW1SN441t5uN__pWp804zy5GnKMpDUssGv7giLkzHRgTP0towoP0Q7zXiwTSLS6vyKPGybTp7EKPJxdO2Yjd6gxoYzasTznuqSmJql_ZU4_sxijeWKyTdesG1w-TD0X2u0IRe1Cck9lW0Wj9dMyDZpKlEz5WiOvFzRxJvvRoYaPZi1qntYdwTbLMEU6-waUmZ-UQF6FerD8ratdKL3jmDAYnZzpw7euCKRGxGHFfq0iJDyvFrz4qtzr58D1HdKKkCNaqaXQBew1bGM0bYzr6jyIj-A3H6q8ZeOtb5LDX8xL7aqc974lkU6pklu_g4eZjgyMDGyi3XBKaWS1hkcOuLi4FEZvS9mYUJrNfiJaV_2CJS8uKTcoTUzfGoMa03cQtg8y-pOcWVS9bTz9VB7TYmKP3WbtTdJKtsVdhdHkNzRaqwhvjm_TTlNmYKXGdqaVe3h4gusSd35MGT3JULqvJMkVCROqIoa2jxrn_SQiTTLTi5Vs1v9lzYkC3bWUKHuC4XQ9091TkjL9ZaYbyzivGOl4-GRKazi3c4q62j50YGjcZWyKU3vawv5Dd-iEHBkluuxFXAPdEIW4gGYddcMzNmKRoRrJF4Oe0yCKaRKGTcPf17ZxEol3RFGixQC72wxdoymoxBQmzkF8x9XiYgpvWuudMu_CVcrpC3bKHFrnAiuw_oRkPdpwwKxpTsTSBe2v9UammT1brmvbJ4w5hHyb-VRS-zjyhkI5f6OGJBnLTgWfUfM1fQExO1ShtAZv5t3d3WKx1hXU3orfxbAXsgIcUhcBZaU1n-2xdyH5hp3IC2-epixWNCydgtmCP-uItVqSnx_V7IwtstSxSpH_fTSm2coHF70hNn13K4QS3fE33_wrusBadyrvMyYmv2YcMp9Eu2PndQo_aU5eo2qh8iZA-OyDl2ghC0hq_6vigkySSGnqL1O8ScWMTSGAleQ-jzcXHkH8tp5bhX1ptAvo4OpBRfzQ9vtYL8wk5qQFydWAEit2AVngTMUdi4QG9DAMDfXWfXUvNhObcg9DFGciMpCjdSUVs7ydqWg3MrScaNoi7MaHggYM5cKxeHAZffbXIF1OnQlSJ8hKR81_ODbk_j2o-6mf-H092Mrhp5ycGJkxjJA1WP7at7fJbYJ7_zi008dRSI__ROQsoeaosmGtuqglEAujt6jZau2aycv7X3bF3EnnL8nGvOBc5KfCqCYx2MU6po1K3cvWg6IwsIXc22g2GnSKEC57DiYnuDrjaFuuiKvdQu5FiJkdoJJbErd4Tc5tYKBv3iRPp0vjaQ-38cLDXTy6Fq3eJF9ety6sz6yPgAtVwWtiSUQqFmwlDWyTmwMs6S_kuq6r8UKwITrxFw-MRqisLo_En0fPsn43trgu9YVxqjilTRDnxFn4F0wFm0yU2hbEaPj3QqYF55K1vqXJBl2UdI-z33EgMSDdg01ud3y9gMBGXtDSVjO6Zb-ABuhmhfsHbOns1SxPlp2OPcSCm9GTtQiqr-TSu9P8dglOWweCZSiOZvhC1t2hCoHk42E0JCBLSa_xnAe5rwzUVdHPLVpSG86w-qMtjRO_qlIwqpL4FV97tWYEVcDC-kH1HMqQpzThcJ92BlVKRp6v5CqNtS9baxJXo7ul71lR8qNBjEcttC-ZDxPFQEv6ZXWCQJ4ZzESYQWBEWxTCkcdmAc1QzzJDpLkXHI6d0dYAQ_e-LiUP7VcLea5AXpRy6TcRzAkOO31douMpOGLvAX4akhffhCen7fWHu8EPG5pfabcdjf4pg_q9OrsgQdxTrip09CMODvW_TlajGRvQ9reeAjFRiiUL3VpG1Cr2pBrNsjxcByaRLTqfHkpJ9hcXyGXrpg7uWgOV7kIubq3ANcDzXpaTO3hyujBloIg7_TjCiuYbVfFu8eQTBTu0A7UpVL2co44fxRDzgrGZwfWa79moA6CVytNwFaKA5cYhayOCBa8pYCKyRTDS4ADloQ8EGUdUWiH3bjE0lm7NApQGJ-POc9ytZQGoDpr21tMYmU-sVATEKUFlyDOdAmaYfkUK0hfCQmf1XnwPianatb6wpyJD2I_w2-MW-zbKpF_pAQ3TJIaIl5qb7066xTw0B_5Du-e9HG0Y9BgshQqW7nK6lInLe5W29xRDhG6-tbs7ZaToN-EVtfphQkHjO1hWxzj2CZhk-owPeSdnIwQy6hGuroQwlRRYk1FwF2NPrbcPlCu-0GC7aQMVt-8jn2hWvBBqFscFkqKqr_UblcHwYBhIi5cm11n4Pw&cid=CAQSOwAvHhf_p3O4G2Hcn7RmksoakQaK2r-v5oQ5_T0a_8au2i6kxfhud9Kde_hWUzbdPOrXuhn4k8UbWD_iGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fsaopaulosempre.com.br%2F&ds=l&xdt=1&iif=1&cor=4589270900344061000&adk=2086295848&idt=59&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:35:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame ED02 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cv0xc5or78t9htM3JQjFOfJSpEW54ouM14uSC_ZS4pGEZ4hfld4i1ouF4mkt5PF9YUHElhiJT1-3EznmaH5PipQMRtCGFTdpcgc_VW0GPDdXwzDvO_1TMK2bGnoqu2wbj3l1tnE0PqoSSRU11CwOm28upHlj9WoyuGnM_1_NVzpVe69oI&dbm_d=AKAmf-Dg1kBOOjcpbW_PsqrcfpwIQO28qSkMglKcmTt2Fa7XfzKN_LaE9wt_QisgDbmoVcyd5es_9eZBxiIdya2jTqxtDNM-DuFHlyRKDpiRxavgLy1E3zZv6k-DcsWvFTRzEYwuh5sT3HLYlMa8b2o1LYLKCfHj6LGIJmGd-6ARHlD86pY1pGje2q5-w05ZXY_f_Ocs08L38y0uER6aqn4U7BH0HsdF-9tG4WFT8dIHSIuKCxtzUeLveSsvcf89-lJoXqsIiX-J0QiGTN5evwJMMNpPDV5qeHQQV_b0e26ootD9KSLxHKIyY07MY6rRc75QOCpB07BOh_U2f_nrt9DcCsyDi75hmAhFbNce_3lhq1MsAbIUQQxmZ0yn-sQvpwco1Q5nDaBcipMdiQ8VRRmzqncnf01s93igp-rRVYOBcXM1n53z17BUe0OEqWn-MZrIzL95ij4E7ivyoIs5I8XL-iGFB2wh_ExCU19jk0MmEuDJNA3om8zN93bHxWFbfkJ08RhcmymsKYgoO6dLy_4Zp-jwd7svnr-fcA9TuG1JX6E5VjIu0P37AeiAnH9HznDT-pTBTtG_deEJhcVLthQ5Jm-aLZo0sGeWLvqJKo2V0588j1WxaTIjQFB3y9mLHCk--EoFOvRI1fXT8JZ9x5lezUV8WS1USIKH-1EGUMakB_fr3vrsDyezyGlBki_btHWzC2EQ-SR7rTzqQCsSB_HkMPMBi2hZtBwvN87oqiNlj_wrPou1EbMK1aH9VjVLLfN7epoIBxj4p2VJThWDgQzlOnenQkWEXfNWQ5tKYfqZB2FdsHG4BI9nwDiHqRh8S9uazSnvkA88d_-Tt5-vXriJOjGRnJXDSEZhs1IDyHt8McBzAY1znn62K9t3Fa40Ydie9-6wJSl9zWawUolU9KUknyHJqTXh95dE7-nbS2TWP1sKK0LfpRPfaPtT7uF9WRZZ9g8iNY06o4xToxPOv7CrSzqQfy8p5UGQF5vhN__cj_DIvQFD3P-GyLJMjH7UyD2LPapN2z3GFoIO4RC7pNNXxVwLXORpkQtt2I9xe4JtC2A2bOdqgkrfrVQyEU087uBuSA3sZ0TiEkhCtRDdyI0Po00XLEQUDUaxapbA3cIV8nNIcRtXVjq3QT4nTgZ1goVeBA24a291E26yhBGkhHdi2xf6CVAWR8mWZdJJGnQfECEgQ-AcvixnoEfG3t7SeUsfkSeBKz5AnN5DLQLRgXUkJSxium-hBSpKORPlvRfBd-B3AZFuk-ihjoOFfPJKborJQItqvZ8SDLLbf-TAYYW1Ttd8bNQuDcQObeF_icjj_XYOshmQ8_gyXEG1vOWBV46Weyi3WQuBFZhZu-untETCz2CAzLxhPBqJKK11qaRTlifZ-ZtFfVY2bmuTF08AGnd7uZV19Zrc1kJNORLHQniPGoqbN-zdRf3vTzAl8uncj1KWcDq6GRqavcg9n0KJquVOYjP4kFq3qpjRdmWBNPy9pQawPrBekenySaa1f4JnUIa9o58ugQpRDb8dtjXxmgqKxc3_wkVzWscfuaK5nTTQAzLDK5RGtMfzrbIFyWBxhoDmxNR7xNvQUVCC3VvQxQl-tRAEPOqLsSkKcmpxPqUXf_WOUMZ1Se2Du6UWbH9oYsS-3eC8NkG0rsJONBVmU0cQs3cyXMsuhdW1SN441t5uN__pWp804zy5GnKMpDUssGv7giLkzHRgTP0towoP0Q7zXiwTSLS6vyKPGybTp7EKPJxdO2Yjd6gxoYzasTznuqSmJql_ZU4_sxijeWKyTdesG1w-TD0X2u0IRe1Cck9lW0Wj9dMyDZpKlEz5WiOvFzRxJvvRoYaPZi1qntYdwTbLMEU6-waUmZ-UQF6FerD8ratdKL3jmDAYnZzpw7euCKRGxGHFfq0iJDyvFrz4qtzr58D1HdKKkCNaqaXQBew1bGM0bYzr6jyIj-A3H6q8ZeOtb5LDX8xL7aqc974lkU6pklu_g4eZjgyMDGyi3XBKaWS1hkcOuLi4FEZvS9mYUJrNfiJaV_2CJS8uKTcoTUzfGoMa03cQtg8y-pOcWVS9bTz9VB7TYmKP3WbtTdJKtsVdhdHkNzRaqwhvjm_TTlNmYKXGdqaVe3h4gusSd35MGT3JULqvJMkVCROqIoa2jxrn_SQiTTLTi5Vs1v9lzYkC3bWUKHuC4XQ9091TkjL9ZaYbyzivGOl4-GRKazi3c4q62j50YGjcZWyKU3vawv5Dd-iEHBkluuxFXAPdEIW4gGYddcMzNmKRoRrJF4Oe0yCKaRKGTcPf17ZxEol3RFGixQC72wxdoymoxBQmzkF8x9XiYgpvWuudMu_CVcrpC3bKHFrnAiuw_oRkPdpwwKxpTsTSBe2v9UammT1brmvbJ4w5hHyb-VRS-zjyhkI5f6OGJBnLTgWfUfM1fQExO1ShtAZv5t3d3WKx1hXU3orfxbAXsgIcUhcBZaU1n-2xdyH5hp3IC2-epixWNCydgtmCP-uItVqSnx_V7IwtstSxSpH_fTSm2coHF70hNn13K4QS3fE33_wrusBadyrvMyYmv2YcMp9Eu2PndQo_aU5eo2qh8iZA-OyDl2ghC0hq_6vigkySSGnqL1O8ScWMTSGAleQ-jzcXHkH8tp5bhX1ptAvo4OpBRfzQ9vtYL8wk5qQFydWAEit2AVngTMUdi4QG9DAMDfXWfXUvNhObcg9DFGciMpCjdSUVs7ydqWg3MrScaNoi7MaHggYM5cKxeHAZffbXIF1OnQlSJ8hKR81_ODbk_j2o-6mf-H092Mrhp5ycGJkxjJA1WP7at7fJbYJ7_zi008dRSI__ROQsoeaosmGtuqglEAujt6jZau2aycv7X3bF3EnnL8nGvOBc5KfCqCYx2MU6po1K3cvWg6IwsIXc22g2GnSKEC57DiYnuDrjaFuuiKvdQu5FiJkdoJJbErd4Tc5tYKBv3iRPp0vjaQ-38cLDXTy6Fq3eJF9ety6sz6yPgAtVwWtiSUQqFmwlDWyTmwMs6S_kuq6r8UKwITrxFw-MRqisLo_En0fPsn43trgu9YVxqjilTRDnxFn4F0wFm0yU2hbEaPj3QqYF55K1vqXJBl2UdI-z33EgMSDdg01ud3y9gMBGXtDSVjO6Zb-ABuhmhfsHbOns1SxPlp2OPcSCm9GTtQiqr-TSu9P8dglOWweCZSiOZvhC1t2hCoHk42E0JCBLSa_xnAe5rwzUVdHPLVpSG86w-qMtjRO_qlIwqpL4FV97tWYEVcDC-kH1HMqQpzThcJ92BlVKRp6v5CqNtS9baxJXo7ul71lR8qNBjEcttC-ZDxPFQEv6ZXWCQJ4ZzESYQWBEWxTCkcdmAc1QzzJDpLkXHI6d0dYAQ_e-LiUP7VcLea5AXpRy6TcRzAkOO31douMpOGLvAX4akhffhCen7fWHu8EPG5pfabcdjf4pg_q9OrsgQdxTrip09CMODvW_TlajGRvQ9reeAjFRiiUL3VpG1Cr2pBrNsjxcByaRLTqfHkpJ9hcXyGXrpg7uWgOV7kIubq3ANcDzXpaTO3hyujBloIg7_TjCiuYbVfFu8eQTBTu0A7UpVL2co44fxRDzgrGZwfWa79moA6CVytNwFaKA5cYhayOCBa8pYCKyRTDS4ADloQ8EGUdUWiH3bjE0lm7NApQGJ-POc9ytZQGoDpr21tMYmU-sVATEKUFlyDOdAmaYfkUK0hfCQmf1XnwPianatb6wpyJD2I_w2-MW-zbKpF_pAQ3TJIaIl5qb7066xTw0B_5Du-e9HG0Y9BgshQqW7nK6lInLe5W29xRDhG6-tbs7ZaToN-EVtfphQkHjO1hWxzj2CZhk-owPeSdnIwQy6hGuroQwlRRYk1FwF2NPrbcPlCu-0GC7aQMVt-8jn2hWvBBqFscFkqKqr_UblcHwYBhIi5cm11n4Pw&cid=CAQSOwAvHhf_p3O4G2Hcn7RmksoakQaK2r-v5oQ5_T0a_8au2i6kxfhud9Kde_hWUzbdPOrXuhn4k8UbWD_iGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fsaopaulosempre.com.br%2F&ds=l&xdt=1&iif=1&cor=4589270900344061000&adk=2086295848&idt=59&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 19:19:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
80668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
cafe
etag
10551285868935850944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 19:19:26 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame ED02 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
513356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C615 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 17:10:44 GMT
etag
48472445140208031
expires
Tue, 06 Feb 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ED02 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
593005e1a79cbd126820cc1b23713f90dc81994d29bf5886ad2f96547619a079

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BEDE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
513336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/678068588499727466/ Frame 0E01 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dec06becfd5dff9e5109678d08ed0b6e4c3aba816aeb2fef00cbfae1ecf63ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
514127
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2309
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 18:55:07 GMT
expires
Wed, 29 Jan 2025 18:55:07 GMT
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame ED02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttQFEqIt1Jo_gOCGxX_8kCXBwXpbgz8ZKrXGjrqO-orwkzskd_e_074zOvQcwGaskbFhI9mGJpyhkyH5KYEJrMB6JQHrkrRHtd-oNrFqtolYH3Aa0TscUPvRH9Uej8J-1VX3pbaEoiMkjp-LKAn9vjBmCiE_7SoKb9jXSNza95Gd28qM2WpV2R1iW0Hc2jJb_-d15CFc6oY8W_XFw4p_dLg4dL2ohbfNOvL-qGceOO8al_ho8L5l0hSFve8tXBqrM9BUU7qWIH2JW5FrmxSOLhtA489Ccmhyerack3xseS1_UkgY_PoMXb1tykKbNhUhQ5bUMdHVyF7T5m_9119kiMItJF1qUrf9oJt5mTDZbBVv2b95tjGFkHG0cmLxNddX9P4f7tuCMLw8ZAt6UYjemCgb4WDm0lFelCf7GnyGsnJCcF7Y9RD7vZzuikd8mw3VxK4CbfPr7D7ic19tG0o1znDV_xCeRdyMro18_JCmFfMMyFUHdsjDT6_G05rMmJbsUkPL3YI4nsubRISc1vA7IcNXhrDxTaIhTeYPBe0IKpL_0MRI2HjxpRuCf6YHSusPn_pbYbJVmztHZ4vxhVoNjJRwCh33Omx0BkMQLguILjr1AWydGoYKFk3nHxh9nziz04X_zlN7F8P0X0hp7jAIyhAAOVb_KJd-i3YRwCg_CV8QBksGfYXt9IkWKzxla0xmrNfa8Ubu7E3De0O3G16Z0uqVu3T9cXgmle5iQ6FiQwmzdyb_MGG9ANjfqgmBKGlYnmd0gZw9bdS0qZ_kTnDjttAX-p3jT6rSLkpvbqfsGkX8uYV4j40xkA_uXXCK2CJYvrcu7_JlT9nTfYpyeRnPIWSWvr3hl3q3AdL8J7gMmqkf3aCRpsPRgNqrkUKVqCt-Ju4BL4d3gxrJp7lMIKqZ9cP4Fz1hwiGi4IEVeyIXuj0_n4j5IR4WPO-lLQwtnmFpnsgao-m30eaXNzQdmYCpApLw-fOD1gcsRVet5wAR36n2nZEHhsS4UGQIRc8EZVbTicjWtIw6Wf9Q36c5x6cOpT_baI36QKh_UvuE12Dt5whZMMS_Ex7MZDqNeI9D-Thb19VgjwYM5e09-gPRwDiHIXDcyAuDVJ2vYK_8DmSWR3rqWqIg_L0JUlYSKvcagjf5rZUVBCwQB0ffMTJ6S3_J9mRYno-XcQWIxbTkw_SdlUyU2gq5tCWLSdNfU9nFSHpueDIfS5yDsossvUtMzTdq4syH0l4X2CI_ZXClsW1oadb15181B6R2JBa99R8c7DCG5-2anYaDCL0R63De75_vYfPLR4s_WzCyRn-ZEVtuak1UspulNpnX3DdIJnaIg3UX-jRIZurzAqu87Ip0Tkrvmw8aW1RhPh7NI1jWGr6HZ6O5WjubcATkfyw_S-Rs3F9eA75xHo9LNURH7r60UXp9XnJcEB0fYh1T4_q9qhb03Iwk0QZ_392EMM67Sl0XRFVCni1xSr2HlIE-MsFqVCqT8ALUBBqLFXY2_lt4g5301FKiBKDmMTHaBYT-qC&sai=AMfl-YSKvMDBlTv2_q_LUKZnQw5XE4x3QD2bxeKCfHZQ5YmXuMhLiVkrGCOQP05RcaE28ioL-S6XLb1WkZ2HjT9-RI4fGxg8WyTIvMNkXZoSzgPv6aLsto_MaQvf7g3CkQ1e-RMK9N-yybiZJvuERv9XlWDJzmc8htwxddTwz2VGwVHXfmvtxPqZfDmxXHOTBwdC2mxLpa8Kk2pu43QVX5glNVthxSDsC_RgDRSiF3n12-p5YLQHO2LRDmhJ0uCIlz_wd7dA&sig=Cg0ArKJSzFf0cQzOOrWoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=112&cbvp=1&cstd=110&cisv=r20240131.89794&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:43:54 GMT
dpixel
cms.quantserve.com/ Frame C615 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED4ZQXh77efbCQg-LmRZ6hA&google_cver=1&google_push=AXcoOmQ4FiTGhDPEBf5xlVcgYFAAw7EofqbGO_zF-tP218eWPTcMRmzdLvD8THqgSyA-Cj3pmnj5MKDiyYA7YBQDFWwZ34GBV23o
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C615
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmQkUcW6TCMHS3VFVW8HF5ZvtF7g2-FBUfB7QvBSOy-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmQkUcW6TCMHS3VFVW8HF5ZvtF7g2-FBUfB7QvBSOy-x3zZ1NehMEtc4dL1IaVtL5sOtUWqQJMglobPpVLS2_KpRacP92EgdfA
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 17:43:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-05d5f34508019eaec@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDJaRVpZYnAxUngzMEE1&google_gid=CAESENy9DReCSOI_9aNgdvGXaWk&google_cver=1&google_push=AXcoOmQkUcW6TCMHS3VFVW8HF5ZvtF7g2-FBUfB7QvBSOy-x3zZ1NehMEtc4dL1IaVtL5sOtUWqQJMglobPpVLS2_KpRacP92EgdfA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C615
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_Xd9bIjgWbDsZDl2z8oRQ&google_cver=1&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3Bd5...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3Bd5MrB0r4AP6Iyebw3sYnEx
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMTI0NjQwNDQ5NDAxNTY0Mg&google_push=AXcoOmSTMezRAn_RCbXBPd8ogeokIjpFiHK5H5q8lMTrJ6i9PSYD4HR6DxOBjGvGEY2_JQUQCPNU3Bd5MrB0r4AP6Iyebw3sYnEx
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame C615 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKsV-bFm8kTzXDtrtZ_ZlSI&google_cver=1&google_push=AXcoOmT5Q7aYmWu8K4aFzhFncn_HJmt4b6IxkEdrcl_60ad0ohbgK4d244SSMeCpMRAEqM7zhNoYgGSuxOmA82PP0F-JIcKovwsR7Q
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame C615
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECLFI_mydSMbdKgsYhnhOnY&google_cver=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7RlAqEVapqaNdEwKyIOSGpZT7QAo5lNkmIez3ZgEwah5i89ONEpq2YnR-K6uEbRxqEy...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&mn_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&mn_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7RlAqEVapqaNdEwKyIOSGpZT7QAo5lNkmIez3ZgEwah5i89ONEpq2YnR-K6uEbRxqEyvE2zQ&gdpr=&gdpr_consent=
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 17:43:54 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&mn_hm=MzUwMTU2NjM0MTQ5MTg4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSwAh_ncuNvCvIf3z0UwEZnoH7RlAqEVapqaNdEwKyIOSGpZT7QAo5lNkmIez3ZgEwah5i89ONEpq2YnR-K6uEbRxqEyvE2zQ&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 05 Feb 2024 17:43:54 GMT
pixel
cm.g.doubleclick.net/ Frame C615
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAaksdaXT3AqHIpFtNSruDg&google_cver=1&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow&google_hm=WmNFZVc4Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow&google_hm=WmNFZVc4Q281c0lBQUZZejVvY0FBQUFB
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 05 Feb 2024 17:43:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEAaksdaXT3AqHIpFtNSruDg&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZcEeW8Co5sIAAFYz5ocAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad160"}
X-SO-Key
ZcEeW8Co5sIAAFYz5ocAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad160
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ5j6XKvgZePffDox0J2299YUnkDORu9f3lMtWQR-fGCLgTkH_SSz-6Va7n0mViQ-Jwq89Uh0e8bbfPebpE5Yp51WdBNTtBow&google_hm=WmNFZVc4Q281c0lBQUZZejVvY0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad160.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
192
Content-Length
0
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
X-SO-IP
178.162.209.134
/
onetag-sys.com/match/ Frame C615
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGiHUWFVHC9Ao4sanWf7c3M&google_cver=1&google_push=AXcoOmT5A2p7jCc1X92meD6wuWwvyV87zjheHp-CbsCThtksKr3S-YfyTRpckdsUopBoQFLkAQ9ojBMtury...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT5A2p7jCc1X92meD6wuWwvyV87zjheHp-CbsCThtksKr3S-YfyTRpckdsUopBoQFLkAQ9ojBMturyQwMYG4MzdATWqPcnvLgE
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C615 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lk3SZRmh3WHIFWWrTdqyYFrJpjQFULIbTrKKCAiMuWIp3otzDRnTEYGePAI61Fgy6iWKtYLw
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
style.css
s0.2mdn.net/sadbundle/678068588499727466/css/ Frame 0E01 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:50:32 GMT
date
Tue, 30 Jan 2024 18:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1854
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0E01 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2238013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 09 Jan 2024 01:45:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659c9715-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz0svbsm75mioQX3QmRDiiKgySPF0FOB%2B4OXPXaJkE1o5DhAsMHvORb6R2m2X8ddNuFFrXB1KSvP69GxrYZcKsyNIuDF8WkmMRbR%2FhvH%2BfJpKGsdUOUfJNOtcBqKCIA%2F4tIn17NZbDG2GL8eQ%2FfbaIeK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc66693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0E01 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3087487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXQQAt%2BOo%2BMIYk0Y08y61%2FZ0PCmwksgLpzcsISvFZ%2BifYBgDNS8Fafj4E6rylwHFfneESI4MAluiESQcrV94axXwWZz5RtakE1Y9tffyP%2B9qlOr1e640cjqBRzXGZRbVVp1RoDQvAKsK2%2BylJbyvx4Mf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850cf557cc67693f-FRA
expires
Sat, 25 Jan 2025 17:43:54 GMT
dyson.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Tue, 04 Feb 2025 00:12:15 GMT
date
Mon, 05 Feb 2024 00:12:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		2 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:58:48 GMT
date
Tue, 30 Jan 2024 18:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:49:01 GMT
date
Tue, 30 Jan 2024 18:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3980
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 13:25:20 GMT
date
Tue, 30 Jan 2024 13:25:20 GMT
x-content-type-options
nosniff
age
533914
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31326
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 18:59:50 GMT
date
Tue, 30 Jan 2024 18:59:50 GMT
x-content-type-options
nosniff
age
513844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21613
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Tue, 04 Feb 2025 07:04:08 GMT
date
Mon, 05 Feb 2024 07:04:08 GMT
x-content-type-options
nosniff
age
38386
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25605
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 10:53:00 GMT
date
Wed, 31 Jan 2024 10:53:00 GMT
x-content-type-options
nosniff
age
456654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30924
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		192 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Tue, 04 Feb 2025 00:12:15 GMT
date
Mon, 05 Feb 2024 00:12:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/678068588499727466/script/ Frame 0E01 		4 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 19:03:22 GMT
date
Tue, 30 Jan 2024 19:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
944
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame BEDE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 14:14:22 GMT
ctaarrow.svg
client.bannerspace.net/111329/ Frame F759 		274 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/ctaarrow.svg
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_728x90.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.bannerspace.net/111329/banner_728x90.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:54 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
210
expires
Mon, 05 Feb 2024 18:13:54 GMT
NoaLTStd-Regular.woff
client.bannerspace.net/111329/ Frame F759 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111329/NoaLTStd-Regular.woff
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_728x90.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

Referer
https://client.bannerspace.net/111329/banner_728x90.min.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
23664
expires
Mon, 05 Feb 2024 18:13:54 GMT
4.js
static.adsafeprotected.com/ Frame ED02
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019497/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20833644696&bidurl=https://saopaulosempre.c...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Wh7BZaabIuecjuwPs9232AI&cbFunctionName=goog_wrapCb_Wh7BZaabIuecjuwPs9232AI&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Wh7BZaabIuecjuwPs9232AI&cbFunctionName=goog_wrapCb_Wh7BZaabIuecjuwPs9232AI&true_pb=
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:06:41 GMT
x-amz-version-id
zbjmrmX9La72mdzfuK7odzxCP3od.Y1E
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
434235
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 31 Jan 2024 17:06:39 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
FrneMxzWJKLoxkRGCaP1WYabSv6kcsdVuftjzzV8JCKFUd3V6aNikg==

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:54 GMT
server
nginx
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Wh7BZaabIuecjuwPs9232AI&cbFunctionName=goog_wrapCb_Wh7BZaabIuecjuwPs9232AI&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4A27 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11900084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
j3LWb0sYBJuuXpW8AK9ItRUbiX2BD3E2tbef_FYTdSuHgTQoz_F9nw==
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndlsG,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,rmeas:1,rend:0,renddet:na,siq:30%7D&br=c
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndlsH,pingTime:-6,time:89,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,rmeas:1,rend:0,renddet:na,siq:30%7D&tpiLookup=ao:saopaulosempre.com.br*&br=c
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dysonfutura-book.woff
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0E01 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/678068588499727466/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/678068588499727466/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 09:19:49 GMT
date
Tue, 30 Jan 2024 09:19:49 GMT
x-content-type-options
nosniff
age
548646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndlu3,pingTime:-2,time:173,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:488,beZ:490,mfA:494,cmA:496,inA:496,inZ:501,prA:501,prZ:509,si:517,poA:519,poZ:547,cmZ:547,mfZ:547,loA:577,loZ:580,ltA:661,ltZ:661%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:173,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B163~0%5D,as:%5B163~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:30,sinceFw:142,readyFired:true%7D&br=c
Requested by
Host: b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
URL: https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame ED02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttQFEqIt1Jo_gOCGxX_8kCXBwXpbgz8ZKrXGjrqO-orwkzskd_e_074zOvQcwGaskbFhI9mGJpyhkyH5KYEJrMB6JQHrkrRHtd-oNrFqtolYH3Aa0TscUPvRH9Uej8J-1VX3pbaEoiMkjp-LKAn9vjBmCiE_7SoKb9jXSNza95Gd28qM2WpV2R1iW0Hc2jJb_-d15CFc6oY8W_XFw4p_dLg4dL2ohbfNOvL-qGceOO8al_ho8L5l0hSFve8tXBqrM9BUU7qWIH2JW5FrmxSOLhtA489Ccmhyerack3xseS1_UkgY_PoMXb1tykKbNhUhQ5bUMdHVyF7T5m_9119kiMItJF1qUrf9oJt5mTDZbBVv2b95tjGFkHG0cmLxNddX9P4f7tuCMLw8ZAt6UYjemCgb4WDm0lFelCf7GnyGsnJCcF7Y9RD7vZzuikd8mw3VxK4CbfPr7D7ic19tG0o1znDV_xCeRdyMro18_JCmFfMMyFUHdsjDT6_G05rMmJbsUkPL3YI4nsubRISc1vA7IcNXhrDxTaIhTeYPBe0IKpL_0MRI2HjxpRuCf6YHSusPn_pbYbJVmztHZ4vxhVoNjJRwCh33Omx0BkMQLguILjr1AWydGoYKFk3nHxh9nziz04X_zlN7F8P0X0hp7jAIyhAAOVb_KJd-i3YRwCg_CV8QBksGfYXt9IkWKzxla0xmrNfa8Ubu7E3De0O3G16Z0uqVu3T9cXgmle5iQ6FiQwmzdyb_MGG9ANjfqgmBKGlYnmd0gZw9bdS0qZ_kTnDjttAX-p3jT6rSLkpvbqfsGkX8uYV4j40xkA_uXXCK2CJYvrcu7_JlT9nTfYpyeRnPIWSWvr3hl3q3AdL8J7gMmqkf3aCRpsPRgNqrkUKVqCt-Ju4BL4d3gxrJp7lMIKqZ9cP4Fz1hwiGi4IEVeyIXuj0_n4j5IR4WPO-lLQwtnmFpnsgao-m30eaXNzQdmYCpApLw-fOD1gcsRVet5wAR36n2nZEHhsS4UGQIRc8EZVbTicjWtIw6Wf9Q36c5x6cOpT_baI36QKh_UvuE12Dt5whZMMS_Ex7MZDqNeI9D-Thb19VgjwYM5e09-gPRwDiHIXDcyAuDVJ2vYK_8DmSWR3rqWqIg_L0JUlYSKvcagjf5rZUVBCwQB0ffMTJ6S3_J9mRYno-XcQWIxbTkw_SdlUyU2gq5tCWLSdNfU9nFSHpueDIfS5yDsossvUtMzTdq4syH0l4X2CI_ZXClsW1oadb15181B6R2JBa99R8c7DCG5-2anYaDCL0R63De75_vYfPLR4s_WzCyRn-ZEVtuak1UspulNpnX3DdIJnaIg3UX-jRIZurzAqu87Ip0Tkrvmw8aW1RhPh7NI1jWGr6HZ6O5WjubcATkfyw_S-Rs3F9eA75xHo9LNURH7r60UXp9XnJcEB0fYh1T4_q9qhb03Iwk0QZ_392EMM67Sl0XRFVCni1xSr2HlIE-MsFqVCqT8ALUBBqLFXY2_lt4g5301FKiBKDmMTHaBYT-qC&sai=AMfl-YSKvMDBlTv2_q_LUKZnQw5XE4x3QD2bxeKCfHZQ5YmXuMhLiVkrGCOQP05RcaE28ioL-S6XLb1WkZ2HjT9-RI4fGxg8WyTIvMNkXZoSzgPv6aLsto_MaQvf7g3CkQ1e-RMK9N-yybiZJvuERv9XlWDJzmc8htwxddTwz2VGwVHXfmvtxPqZfDmxXHOTBwdC2mxLpa8Kk2pu43QVX5glNVthxSDsC_RgDRSiF3n12-p5YLQHO2LRDmhJ0uCIlz_wd7dA&sig=Cg0ArKJSzFf0cQzOOrWoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=424&vt=11&dtpt=312&dett=3&cstd=110&cisv=r20240131.89794&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 05 Feb 2024 17:43:55 GMT
feed.xml
client.bannerspace.net/112826/ Frame F759 		2 KB
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/112826/feed.xml?preventCache=0.3916060505342607
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
00516fdacc05a61a5a5b6fa07eef554218f8b4f7e11f72fc9872f161dd70a0bb
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:55 GMT
last-modified
Mon, 05 Feb 2024 16:05:11 GMT
server
Apache
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
no-transform, max-age=300
accept-ranges
bytes
content-length
542
expires
Mon, 05 Feb 2024 17:48:55 GMT
view
ad.doubleclick.net/pcs/ Frame F847 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvEbSdmFR6eUhQmbuippcZpRP3_sBJ2b8JMHEVvlPs0dfQurQQIwg92x7Gd1fA6Xjg0dkYGefL3Yq4q1AFw5G66H6d9cnqCkzkv2sCXwDtg7dsFIYvgW1_kTCwT4gi6vSwVdO-8N5u-fhPMHBT_Sqiv_M3Urso4mWSMlm1Ctt-tV474s_tnZPyy7MD9hO_-7fLLpzH7niYHXef_LEobmYzMt6uu-j4IMpaJ-NZZ0DpQYPwocEylndUhc3PK1HHFORPZHhrsFUwKz0vJM5HhNafqNIqTHh7Ma_TGoQsI-cMS2tmkCOxzubTaohIhahbb_9quwBad8lpbU2nZy4lJ3jEPJi7S9TX_oVj3o7mZClQC8s1-GKAwX_TL3w8IQH9PniLOEendLBlFS6wP2AKZj5XcRwMvqQfB3NToXQN4Q0oLfae6cdQmmoSCdcvBe6GLnsUxlaRMtkyLGhjys6vUJFgMwDowZqXlRz1b_HLlkG5VkJUS_zFfvkxS-9XIifcEzRG0LfsntsuUYOd-oSIFwCD3oIOEQafW2g9MWysh_rRAwCQTe-ZFSjsYSdkmttANhRmocV643JwPasjGiYsh_jkr1hiRbTvl2IdWYsdUHFXj14sGwdbTK37f2JkKIbNTBKxOcZtvGPlNnfDGTmvR3r9-n9FCMJU8l_AGtbFajGes9rC7w4ZCx7-vTDqu2G9kqi0jJd9MN9zyJh32L8MvtWcpVphWJmu7to8j6BIJnez2nEBsvaG9R3nejA4cIhuU5qobB5upeoZxtEvyz7SgwDSUYjn62uQdEAbv48MgM1ODwLGioOIRm0fkYfAn2fX0Tnpve6vHQSUzQXeB31f18dPHlkvkJzJ6w93M64PNgAYj8FvkbtCKuQW9LaStei3000Yx356W30j8MeCfH5YJDjKeKaqMiqTrWarM_ocyn-Duz5dep3vJ1mVj-a6Ao1m77yGC6waUEaRyvHXwqz7-knSdPaEN9xYF8MC9wFi_U1n_y-sfzxj7R0LWYFDGnQ3ywwg30_MgYtxFFelkSYwNX7WAgRXWLwy3bXjFgi-Cp_QJapAbkKH08Nz5rJ_zeMnFivs1fPYPy1-S7NTwo0tct9uGvK-YxWSaCK3VuTK0t2C40gG-b4EyTSkYcuV4scVGW-dHh_95WGkddX7xAcuQvxMbQ0Of9lGhQXD_wo8iVmST3gwrc4jFV01vT5KBplyLQxP53swBXhPuCidgfU6eQOcZnwHQeowsOTiQlUeskZs1SxT3ZGOzv3V1gHlkr8COKFi6gFCPiKr9h3SFM4xJYvoumH8dCk8rFo_BIkik_Pqqk3jboStOZric7Ix5DQ3tRMipiRJ232tFiCLJ3bMQqqqxGc8qGug3YBbG4f-ZKjgHTwL-epkp4qqCKRZGPz9SWlxB7DEVF6bv_YqiO2BTL5Mqw0GvYTICvOq01pa-aaqVvBPGCpI5O1Lcii0w8MXTSRH9rugb2RkGYL-W5WG71xedPto-1IYlTFc_WVOonzGTMORTcVwenwRTA_26hOS2cmDY2kvFnN5sfSzXyRUc1Y9iqAetRNJM4S1TbrQh5-UB9vpEiSurAU7TqqnqpSP0FEiG30V3nfflaAxU6RnTNbW19x1BxCb6&sai=AMfl-YTBkZrDf2TXfw-jnzMSOOaAqjzDOcfDrz8HiOAO9NPb7P9rjWclsQnYSKEgHX4hzoMGcwH38o_BOG2bZVgV6pdNnbp7ns8cRTCpGu2M7uyBeLnwQyw1pfKOxwJTO01nKnfgvk6uR9Ku48gI2vhFPqR2LpoUHRbbrLEFO2Jhyjba2AoDLQoVlx-J8svoY1CtTZ4qfsx9SfGmXyi4XsYO5oSUJ34XqNWugNIIZEAkxCTJ-hHx82eyJv_VOJ1oVdKXvkEtmQKLOaYTD8WFO0dK68q1-LLKKdfgFL-PFDts0dXu6-GR8l_DIcDY6AgaTxx_NyxtZLYRWifTLkP-05PVPbQO2lk7xLUOqVU-c1QamGgGlyL6Iyo-_jfZHqNDyF7GcplenNm-bvbHIJZeyckeObD5_15bZUjh5iWfhPGwX--PMfWG&sig=Cg0ArKJSzGo5nfEKBeyoEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rbG0uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=631&vt=11&dtpt=514&dett=3&cstd=113&cisv=r20240131.73214&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: saopaulosempre.com.br
URL: https://saopaulosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 05 Feb 2024 17:43:55 GMT
bridge3.616.1_en.html
imasdk.googleapis.com/js/core/ Frame BBF4 		755 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7106a90b5b2a07d04bc03d00d85d009856af368266c75ed077a10d69b77a5859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
509919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247192
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 20:05:16 GMT
expires
Wed, 29 Jan 2025 20:05:16 GMT
last-modified
Tue, 30 Jan 2024 19:58:37 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Feb 2024 17:43:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A09C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 05 Feb 2024 18:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F47 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHmPhWR7BZaTLPKvMjuwPvtuZKAAAAAA4AeAEAg&bg=!NjWlNXrNAAa8BdJLnAU7ADQBe5WfOHH2FnZfJltKcodJS8m6rPAefNZX52fi5aoF0InICwL0NB0ZpDZwkzkM1RERCpF6AgAAAV1SAAAAAmgBB5kDGjotUaIVUkL-ynweq56aZI564n7c8plm4pIOFz9BaOefrvYCSbelYuC2WOwU6zHeES94dySw_X9roDfa6wUMlDh8AlMn2HXSeaXlv6I60LnAYEwmPEbBlt8HjZQCywIuPlBeoQr78d6YeFA2-AFTnzPbG88uPhGT87d7ESPkb3wEs54GvZTpix1JXPPcW4UCKeyXyCUlQo5RTT9AazaCqS24d-9vIb_mWwjTOYP8PwK-XpLiCy3wWoehsy4a6_EPgmRvmGmtA0rdSPVfXdXaYbUv9qdzuHHIqcGqXuuNFAfENMqc5gOFpANcIKySFHMbbewUPr86fGPAe7OeuKH4wL-R956Ql1NjnYni_4cylnsk3jqjnxeriy21Sacy_yZVexp6ndrTRwXq17W1T0IYi0N5uU62eysRPBBkVy2zMPiARWZQIt_Qfvocapdj9emtCXQnVRSOFEg7APlPEowhdhbl9Hr5EBcaXefEWMucIZChxN6y0A9fENjpxwb6BF8f9bLJ5VVP8F2ukXwFN2g9ppVjnGIWP_6fo8HImf3pKWXOO-gxP8WLYF30E62a9wSVAIKjqEiz3TtAN-u2ll9j6FNv-TyHmycG-cUS5ss1-00LSNRI6khqJtOZhTdPl570Dvwq9m96rbOgYYxSBELFma6NZCQJwZ5bqrIgCXauL1MTC8ngi7My4tp5iZEOgM7zJtFzilKI7pLx4WuiT0IhaahMRwxTp7rV-4Wz09Z90T5jnLhwxCaT-0W4soDj3XkG8TXbvxiQEBFhgEouFq6ELl4CcRWO0PFanFqEbMGj2qWn8KqwwJmWo-bwZQHWpfb7XKRlqhywlQEIf1tPnQY6WBcEdePiEJJ3VmNV0SB7TiRGyQ8xU3at__IS1r1QdcfqcFRfd_3oTf1avzTr_hVMl6cYYvtz0BqNFSbz-YkIXy-WHxtYrKljqnG8Gdb40x88n6AKEW1vU9fuFfdvF8y2Kc6hyUFMifm-xeOVll2-YCT8WCEDJ6buwEP4K5IqcJZ-b-8fduB9MoNo3EprskDaiuymcc_aKBlVQxsH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
engine.min.js
client.bannerspace.net/111329/ Frame F759 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111329/engine.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16729303103553088595/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5efd5c070968ae7f3020be206ac993036ee7cbc6fab47e799ad4d9e9a86155f9
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:55 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
2988
expires
Mon, 05 Feb 2024 18:13:55 GMT
NoaLTStd-Light.woff
client.bannerspace.net/111329/ Frame F759 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111329/NoaLTStd-Light.woff
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_728x90.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

Referer
https://client.bannerspace.net/111329/banner_728x90.min.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
23972
expires
Mon, 05 Feb 2024 18:13:55 GMT
728x90_std_Flexi2.jpg
client.bannerspace.net/111329/ Frame F759 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/728x90_std_Flexi2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f32878e13dfff4c489fcf09eca30848ce4e117a19cf9fe4046d241e9a96015ef
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:24 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
64174
expires
Mon, 05 Feb 2024 18:13:55 GMT
royal_dutch_airlines.svg
client.bannerspace.net/111329/ Frame F759 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/royal_dutch_airlines.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:55 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1846
expires
Mon, 05 Feb 2024 18:13:55 GMT
winglogo.svg
client.bannerspace.net/111329/ Frame F759 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/winglogo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Feb 2024 17:43:55 GMT
last-modified
Mon, 20 Nov 2023 14:05:03 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1891
expires
Mon, 05 Feb 2024 18:13:55 GMT
728x90_std_SFO.jpg
client.bannerspace.net/111329/ Frame F759 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/728x90_std_SFO.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
573340a3b1fb4a52cf149c521c6349b7d7026209b30c6f00de2499154d1c36f0
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:19 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
19484
expires
Mon, 05 Feb 2024 18:13:55 GMT
728x90_std_LIM.jpg
client.bannerspace.net/111329/ Frame F759 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/728x90_std_LIM.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
51dabed566f1da2ff857acdf23159e25008c9cf9b3fffec3fb67e02f7494ae70
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:19 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
16788
expires
Mon, 05 Feb 2024 18:13:55 GMT
728x90_std_CPT.jpg
client.bannerspace.net/111329/ Frame F759 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111329/728x90_std_CPT.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:5::213:7821 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d824ed7e3c2729727887aac13c322e48fc3d7d6f8cf04c811119bed64613843d
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 14:05:19 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
23694
expires
Mon, 05 Feb 2024 18:13:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame BBF4 		52 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=3181703172668880&sz=640x480&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&iu=%2F21715141650%2C401774271%2Fdesktop_slider&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26dk_refresh%3Dtrue%26index%3D1%26hostname%5B%5D%3Dsaopaulosempre%26hostname%5B%5D%3Dcom%26hostname%5B%5D%3Dbr%26hostname%5B%5D%3Dsaopaulosempre.com.br%26pathname%5B%5D%3D%2F%26placement_name%3Dslider%26%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26tier%3D3&description_url=https%3A%2F%2Fsaopaulosempre.com.br%2F&vpa=click&vpmute=0&sdkv=h.3.616.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=864416872&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.616.1&media_url=https%3A%2F%2Ftags.denakop.com%2Fassets%2Fblack.mp4&sid=4E5B735D-23A6-4EFD-8F2E-8C00391446D5&nel=0&eid=44772139%2C44777649%2C44781409%2C95322545&top=https%3A%2F%2Fsaopaulosempre.com.br%2F&loc=https%3A%2F%2Fsaopaulosempre.com.br%2F&dt=1707155035330&cookie=ID%3D5a28b6c48c3867bb%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZqdi1sYpK8nd2LcWQ5VRVuMLxCbQ&gpic=UID%3D00000d50cc3528d9%3AT%3D1707155031%3ART%3D1707155031%3AS%3DALNI_MZfJfcqEgWifTojETI9pqjhFCgHYw&scor=1267769003695105&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dea4bfbbbb6e5e05af088c72f96b4d7db09dae413fb0a558669324aaea94fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEDE 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8zIkWh7BZaabIuecjuwPs9232AIAAAAAOAHgBAI&bg=!1dal1pnNAAa8BdJLnAU7ADQBe5WfODojdjvzZI8VJfajFHguAFYrPn6jBk8DR2hcy2-ifPr9Jv70kMC78MO7qNz8rx6zAgAAAc1SAAAAA2gBB5kDEnmnvOEz2qisx9-0NyXlhK2rbYRJDUNqPxNYV7G5huxd8ESUUr1DgO3rlWVpKk3SYAnV9Mg0IwxN9ph73dYWLP84BRS3w1gZJZejyH5KAfoB8BRslcdBBPkRLiq_szoKxvYiHOsNyLFn3cF9CGikXc7hdVyvH89t5wS3JHMThFZgbecxaKYcvpTQU65VdYvGINCJAlyMlfe1bJPzW-6AhUe4pLj1llpst0LDN6QEPT6lSQeC2PJMmfPRq39S-ghdC4saKdd7BkNkKGXZCssGT0EUOkdaktLZdcjzgAZxpxZsiGu0O3TmWJiisnVOMNai97b_pwsZ4HEjYo_2QAW4qgtHnR5qO-xgIPKsOF86dwUQQLZ7gD8mk918-C67wyKoYCz02o1fiKb15BCwqlTvVYyEEQ0egvk1FzTAXB_h8ibvMi2bzCVFFee66taARgAPZje4K8eNAPBHI0ZAMuPQ0DfCYXYgHV_N-zNdwX_rjdvgqjV4Z6DBPnnU6pE9hO_VNl0liF-RSkxKRgvQ3qWyedgM1Z2gpoIKkMQWlR0Q57sVqwB95cen788wMGWux9LZfSP136exkoJySbF0LY00vfP_D63bpcQ0ARbBjX1vvPXvY0rlz1pymCslPSUPuBEiu05iip4q4Q8k2p0F_mlZG74vLPK1WBqfYo8LTOIvQPIUAFvW7k6_JijPbJuXksRSaMShhZsZtrB6tkOwG8yQwftRasEbXgSlPx_IzTxXDvEbtpNHV0cizPyq1Iqu_dmlgmJx8N-vZKB6yg4WqHZC64s7BKZ4_kqDbaTY3fSESch-SHLBgfJrMwv8Y7tiIXgsAudGtPjJjA0UiuwCA_pKKAbj0XeOmlYQ3H3VutBc8Nmx-o0gNvcsvO2_PGCmVp-DryzyeLXdfI_fJJGKL_Z0JXAjqP_71TGzYEayT9JmRgLz_bb7j7cl8yMo7zIopBc-Gnr6WPm2_aAcKALF1nom6pxHWiFPFDV0pQRp5OhPgSyrllzeXMuD4_HPkADT_zpDEzTwQCxkvvzc4roZWkxYWwf-AQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndlyu,time:448,type:e,im:%7Bpci:%7Btdr:166%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:448,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B438~0%5D,as:%5B438~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:332,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:265%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndlzT,pingTime:-10,time:535,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjEzOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1707155035437%7C%7Cce2e146407e44f02de9bd288a704c391%7C%7C1a43c5a595e6acc2c81f3001d0e137e1%7C%7Cbb9da4b3ac58c1f6b4b88582c051977e%7C%7C9963ad23d2a0c676b4b9a6fd76fa5f05%7C%7C9161d51bbb93f269a74bee515badb3f3%7C%7Ccd7042e141b3a202b0c5b6ea12ae4acc%7C%7Ca030246a2423ffa2e281954fb56654ee%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame F847 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufB6XcmgBD1yeNW5W8U8yZbwlCCU0KIKf2JUdzzEP_hrIXTCueZ9EANV-ZnBUw4hOrx4QjziPox4Mxqvu47-u_ZG2lZ1yCaC3EyZE46IxGYlcit6pITU4OTvgCH6BghNF1T_dscKZmrsTrXK4sq2-i23czgW0ZsWSY&sai=AMfl-YQbRq4_SAihISDjHY8w_X0u1KDe7mgG_VA_HlcJWFM0L8_yQEWIQMmH9Hqj3FcHaoOOaEH7bFuw0P0Cdkj5GMvYQU5h6Kh6TWggPspHW-4YJhxVrHO3z4QnBsg&sig=Cg0ArKJSzNgxLwfaXh9DEAE&cid=CAQSOwAvHhf_p3O4G2Hcn7RmksoakQaK2r-v5oQ5_T0a_8au2i6kxfhud9Kde_hWUzbdPOrXuhn4k8UbWD_iGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=102263104&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=308783400&rst=1707155034422&rpt=197&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BBF4 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ls9813kl&c=2725489267939&slotId=1362744633969.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:814::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED02 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv5qqxriVY2QEd5rGQLKcQCIqQ3Q12EueIZhx2KGs7ZgXQVw-8xabtA2e7sXohj0tkta8qytYvlxn_sBQ9cltc5WImw2ejIV5ozbCb673pab-eCo9HESsaiSZTmK3OR2p5GkCxM_oB-cK5wTtQldFFZOcdYeWykC3u&sai=AMfl-YQGdk987VYeTzKn1_jrXEcJfLWu_v3GzzQtmrcLU8OEQY9s1QXPAUKEc0ZHVxzzc6PkUtI1g8MU3pMF3E9sXFSuyZkxWlDuiYVuBCR8GdxiwDHeEzk27ykQsp4&sig=Cg0ArKJSzE3xKqLd4AoYEAE&cid=CAQSOwAvHhf_p3O4G2Hcn7RmksoakQaK2r-v5oQ5_T0a_8au2i6kxfhud9Kde_hWUzbdPOrXuhn4k8UbWD_iGAE&id=lidar2&mcvt=1009&p=300,1559,340,1600&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3974113285&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=308783400&rst=1707155034414&rpt=288&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BBF4 		35 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CwS_SwAMhzA3iyOe7CSZdxKv0MY7UusdGyxY6COARLfJJsmGBqT9aT8toH6UjO1B7ecIvGVzy0Fc2qs5XyRMu0IxrYpw&dbm_d=AKAmf-DDBawsezVWyNeCnv0bI_VKE7eZfef_kH1krjZuKUf_ALTj32cS5DpGT1J0fy13KXOaXnH5k7u3hp_17xA_obcYjLcWInITe5VTuN7eMyYBqs0dPmUzt3yzWlNqAna-wZKcmvVDLqTiDVHi5K6WcW4WOYnr8UMC5HPWXh-YDTE6pldwh_oRP7AwFLvB71q_-AqCS_UZCrr6llW9G-Ayq1c1hMRn0x77zMb90cjZnWUnECgmhmVQcgLPX7KNrh0MU2RGYXEezADznE9k31MwTCrLcWhRHC8ZDdipw96nPMpTYMi4pWespC_VCViUMhORvND_OOMg5iNkSudJ7i63d8ncokwooF3K3qKgBE49yUQ8hW8QY3Tn9bl05t_stGHe3iQtIyZBGQZkGUDYBConyrNBbJe09o9uO0uuC5927FvZOGnK9-kT9LAJWttvja8u-o2UZZnCHFLg9-HOymI_FRTKpCPsLdqy4GZh6VpWKhXnXqpj3kRsYjUIs4twu2dzkLjVAZ8TE3xAavXnox88G15c6zJEYRAsTksJr0csnBmJvhdo38NYSnwmJ_8hX4J7KAohmMp2RDGMCTXNCR799V_j3kG1vVHmKxdYfDDaPoXfMuduFSmNcYiaTQZuq3q3aTdu7bTf1fMpaFS6Fsn9FWougg4bgHtgBhk6v7IZwHTAsnviB7Rgorz7T0nHxcbXE3cRtzsgbdzh6MYygfjsa6cHrvY5v4qiu2yCCtJc-lvfLA6n9uT7JS_wI_9by-xOWEB-DRXFefqKL9Wga3FwzP-rHjAYuIGp-YCb159w3AWT5Hajo8aWsgIdxamcRkGtgekvfX--VhNCV2BF7f-RWlOR-1AXGdAq-5nxAnRqVJ2MTvvEJjSUFm2QLVFKQo1UNQrDAIhZEY9YpWgTulHSWOkPtqNkkL9F6qeMnhtdtxID11gt31DCVzmO767hACfpiSRMKRjjLLHjkMTFvsPOa0E3lH0v1sBBDCamBxlvfB_M6Wre_I-3JM7XAcP-zTev1Q_RQ7D519lv-J-cJ7dPpgHRoWDVdq7sGIL3VdAB0YlbSKqSWv3-9ZxKjkhIpp1yX-ik0xAHgW3tOXdEpUtO3WTa4qhCTNxRkx-_GNXtd62Ic13YVV0yDKUOAVmQ-eceNCBzse1-OoL06ZEca19NROKTRRJQ7bvvufYqFwXo8Oml7nWbr_onJyv8_lInxWXAauYIdvUNBLEO6BXauyetUVCDh_Q-RcIy6isCFk_-Kx-5fL85lbB_Nv3V5Td5cInR0DuNZf3eaIRHMCLv5vSuwICZntmmR2GC2NfhYbPaLGB-wfE2Lv6iHbdfEdVGP42Wv5MR0QYakqE0126gfZ777e0FfJGK5iqtserttj0xXXR6AMjVqS409soQ59N_-QDXIJUIfbqk1HARadDqSamqY88UNSEhuA4l1a4sSzJJplRqzdjSTeMae1T-bOBuVU2oAVwrRMJ5BCTzEl4wYuTX-vsZHxHcpLQaIgMvZqkZYaoBA15utvJrwgEceHYmzccP0tLSVQFy0sR0yeveVQ-aTZ8qPrAqeSPeulGWxTqqvE25WKQoKQOKtWBeaS_0XqqE-k40mhoKoq3CqlgsM8t3BMX8auZ5y9_0CydYzGQTJ3whonJ7XC491CC9wIbmS1GCyH-uQzIL-jNhORojnwZLhagj5Kmf58C0uXEuCtJmiRECFQrwtOIta3n-SQWUOelhtjRaXV6FLMXTaANhVbCKK3Piral4TM3MOVgJISMLD8poTtoiD_QSKltVQMhr2WKYgS2SigU1Z7rGyButPNeHkmgDegbncN0YLQCT-hqienpzu5jCzRN1KwnuODXq3g_rV9xG0fvPVwH4etqMOlnqOIE_h6NOgEecxpoT_q_N3OZQnexKDCUoeZ4cWxfHN8QEn3AX2dSUZE1WK3RmKyqHU7dhxyoFQxZ2x5QO0e9FQ3Uz5F7l7QijRdeRQcYMsARd8dkeTqtZWV5oMbA1C8nSMKCtdF2gvVJxr9j0pNExbXdjbvZAbhFBq-OyMnwX_WsaF-hbtOaYULMXfaQhfE_5cCk1bAkdgKvrDfVa55LQYAuMiqxmU_x3I71CZLmHPd6S65nNU6VUIAeL3cb9NgKjhDTrYv7tEODh_TglO301f3ABBdnSqL60osjWV3svhB719S6ozXo4uIBlKwnU5O6iUTQIlBU-oY4dbiX-GS90eJfsxZXJ_lTyR7PxbhHwIo8ryu7-qTtwclPd4hhCKtd1UyyL21zCHUk0Q9SZiQEbN-hKNQMHBeXLK3Qz9_gWpAoWooimvJbxZK56R-loXnzYd9zc2FI-kXRXOCmbJDtXoVlSP0Uv9wTuJp4KkL0_juqtgme8m9lnfAQzs3fPCFM9Lzaetj00eK2qD3YdN2JXOU3xPViOjE_GhmjevuBmTS0fooOFkPDMBL31_HXwgsaHa59HDdXL8PaR6YWuk8EWJ0Zzhu3qhWTIWBpXcetM1mpj26PAMW6dRzjQi9Svw-4zsjyJcVDk5KrRfqbHchZui0_Xj5hzt9oY8bb6Lj1kVaFaIi6noc_pVwrwkZIgM9sJQTD1bc5syPjWY6RMlKWzv5hx7eJtPJ_-xc-f_faSpEqlmu5jp6e621qPcZzXSYZiOVnfi2vE_qS5waz7wJpyzAis1KG-8ahzSKDKNd-5nZ7QRbWga-Q_w8wGEFa2cX6VIcIy8eDmRsfuFduycRLwKfMXmkWHrZakfF5qUEWOQ_d9aLrLlXvtLsT4kEqXNnyxRn4Qf3K8j5ybxWjOV9iCd4h7gAO9Q6WA52yjHTwlPnK2eJ-6ZKAadrVj-Zrdlvz4bEhfomsLFhGgh9UDfngTyjYCqtcqqCSscxaM2b-NQ5utM9Pqq7cJmwYoHfcuqxnPjpqP8U4pK74JeEbxSPPpIWGIt3wzYU98Pd7wmWRH4LgrVJJgAyZZiSHeZWJKOQ1GcEtlcgXpYEBY_0zX2NV9FBPgutuF-uAgq0Y74oOxad9peZ1Irkdeb6U4ujdW5N_gYjHZmV21DMJfQwkq8M2ucRLxQOntp58wGltPa8WN3zGRmDmqTVafOz0fLgcJXoHHPivQ2DYpCoy0kU14Gaj3qzmdpCsdJv1LBNJe3TSR8oB9vo0na5bRSVmLd6OHgLdq43NTkXMFaaIGRmZ-K2aCk-isjSPdmJytxwJSqFdJCLsiiFLH_Lh0c_ANTl7czmO4TMsamW3_NatdDpUjj_3-0If3xQ3tgAk4hNccBh2oWCmIr_webhapS6lXEhd09sSut4Q7hKb-S117pFgUlTBqZ3lPAcvMiUTjfqs4gGnFiq3r-WrMYK0EN9N4zJ2oDRhOAlF0VUvQb3MXi3X9mrpW-ZyUSefXMUoBGKANhLjSVK6FSiHeH2vPAFvlN7_xKa8kJ5MiZVbnvwjXRuxUPOxN5TELDvkIx0JR7o9qe3-o7nqOoFC0bHVrMGt3i6QNT8KJS38Keqp8Ztc1iUMTrX7zwxrFxKTYyBF1UMkPUDdoiQaH0zyMaAOpE7q02m04fuYARY3Lth4RHa4fN_C9Dc-P5isZVqhFvE9NZ8vl85KBxPJlEoqDJjweVPyad7SdS9jdkuu0YwLVHv9pB8qxY_jugUqq8nazXN0eXz72vB1JMpumrsyUssnbIdIhHnUQY0SxIooPE3ICsK7szi6YHXS3jPsvhD1y5Ir9iJw7t2_cQRw76dfw9quxTMS0fvEKEuxgqyXr1hBqS3-Y0wdKRlJKeikAC2EDx6DSphZGRBF1rtfQkiNNxX8P_T0eL0t6kCy3vD-bJmsOSKhJ9EZs14nhtswy0z8DujPJ4342Bxclf52ziXSVQevv2SPKsapVVAFLIt_2t7ZNDg_sbHSN2L7YfqJPKi8n64tyD_ZqOQInlJ6cshvs2QgfEM28DnnVixY0d3xYNbTQjPXwkBZOYcr0PlDbqKhnmnL3AEEmviuPjUhOwRkeLRz7n86ZnK2ze-73TWslvzjyni4-Wd-JoTtT8II6cdHkBX3eiruSP6gnfOwEtNHycOPe&cid=CAQSOwAvHhf_Zbcrf0eVXGfB52D-bbJaTn7iIeHcqrs4980nYPa9ckpHoiLYubAtxpyl6P9CeMRgOeJhg_pCGAE&vpa=click&vpmute=0&sdkv=h.3.616.1&osd=2&frm=0&vis=1&sdr=1&nel=0&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=864416872&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.616.1&media_url=https%3A%2F%2Ftags.denakop.com%2Fassets%2Fblack.mp4&sid=4E5B735D-23A6-4EFD-8F2E-8C00391446D5&eid=44772139%2C44777649%2C44781409%2C95322545&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&dt=1707155035792&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f157.1e100.net
Software
cafe /
Resource Hash
b1b60ebf1e21a7919d905cc72ded7208172807a14adfa836505287f00ead93ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19333
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GY97Y7QLVF&gtm=45je41v0v891076116za200&_p=1707155030633&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1110527849.1707155031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707155030&sct=1&seg=0&dl=https%3A%2F%2Fsaopaulosempre.com.br%2F&dt=Blog%20S%C3%A3o%20Paulo%20Sempre%20%7C%20Daniel%20Perrone&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5722
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GY97Y7QLVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BBF4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ls98140a&c=2725489267939&slotId=1362744633969.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C95322545&vmfc=0&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:814::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
77361558
unified.adsafeprotected.com/v2/1896414/ Frame BBF4 		38 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1896414/77361558?mon=77361561&omidPartner=Google1/h.3.616.1&apiframeworks=2,7,8&bundleId=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvwPM1LrVqBIkDe76_dRW8CsuMiLi36uDtaUtiogAMoY4cp8x_u92nlXBSS5aW0my3TkdT7yDab2jLhevjz_lI6Q5RNUY5PJhBLTb-jJ3-EodAw9VIghlvkko7tTsUavcMSl3YNL61bIe8wRWY_MSol0L_ThVqVjd7Ctl6smPIkdW1gE8WFPjD3ch2-x1sDVGJqKA%26sai%3DAMfl-YT29JWZ_45PgYmNKUa4kiuttP4gCvQErJcDcFzZWmsmDbFE27FHIIxTK--ldeKzUgHC_F6hogpX-6U_KvJiG4D5Xwe4DO-a0DyCENXOBRY6-3X4kpZrlFL2f-GN0A%26sig%3DCg0ArKJSzJucZFwKgVJhEAE%26uach_m%3D%255BUACH%255D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_xsid=2024-02-05T17%3A43%3A55.926Z&ias_dspID=3&ias_campId=1015451884&ias_pubId=&ias_chanId=1&ias_placementId=20862157360&bidurl=https://saopaulosempre.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0icBht_MZqHOK8kwnfFp4YQ&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1335164.279382DBMTP-6131431-TRA/B31161677.384377794%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1015451884%3Bdsp_publisherid_0_%3D%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D20862157360%3Bdsp_bidurl_0_%3Dhttps://saopaulosempre.com.br/%3Bdsp_dealid_0_%3D%3Bdsp_xappb_0_%3D%3Bdsp_impid_0_%3Dv4~~ABAjH0icBht_MZqHOK8kwnfFp4YQ%3Bkw%3D%5Burl_encoded_publisher_data%5D%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.616.1%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D864416872%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://saopaulosempre.com.br/%3Bdc_vast%3D4%3Bmpt%3Dvideojs-ima%3Bmpv%3D1.11.0%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNzA3MTU1MDM1ODg5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdDJiMURTYjdNN1RFdEkzaGFaVDJmVUppYnNUYVdQSHVCT3BkSHRJbUNBTUd3RmJZTGZQLXdDTzJyaFpuaUJFc1g1RWlKaFQ0SlByUUZYWlBGUjlmeXpnc0ZaVzJBSUJ1Um1UaTUwUWhvQzh3VFhwekNGX2ZNTnRUZkdxRUdDZXVKMzE4S0hYVEctWlY3ckVJUGJMVE9nVGVudmdCazlzdG15QmdUV1FESnVfSmJQTW1IZXpGZWNjRWg3OWpfMnJxRFlvS0o1aXd2Z091R3U2ckNfbmI3R3kxa3ZYZU5SRnIwdWJaUnlfNVJuSE1ocml0OWxQTmZOZXZ6aVV4N2g2MWowbHpidWU3OXo3UG03M2kzbkptSXF1NlhmR3BKRjBubW5fakI0b2Yxbm1NV19HRi1MQ3JpTUJmS09say1JM3hBUjFKWVByN3VXeXVtRHV1eXlZb2pWeFZ4bWdWNTBlM1dEZk5zdi1qNXhQQWdPdGg2UjZTT3hxelJiNUtHY0VnWkEzaU12QlFiNEdMZkxXYUVUSkszWV8wQ3NOREJSbFN1SkRlYlB5Uk5vTHpQTnVsWVIwejEzM1JvWVpCR0tiRVc0ZEpabjZodEZNVklFeEVfbXdkb05iRUZGaGp2eU1fNXZSU3JTMmVIY2I2SzJkTVBzMXRzQzRtZ0tNSmUxUm1sQ0RDck1LcjRBbEZDV2dvazdMR0ZocWs1cHJjNVpyLTNTNUVDa0l4UFNOemFnTFFkVl8yQTFoNXBlRDF6eGpwU3NzcG43UVo5RzFkQURIckMtTEJtMkh5YmJMOTB5dXlWREh3bDFzazV1SEVYWWRXVUF2NENMekRvbFU2SUhIUDhFVm5xdVlMVFd5bmJVZFpzY2tpek05OHpvbnQwdndDa0U1UG55T3Q1RFo1dHlsbHN2dW1tUVBKdllQRk9jbXVQdWY3RmFMU0hGOEY0dXUycW95SGhiWFlFZ2c3Y2hPRENFUGpHSzlVUldFVjBUTFJrUVpNbWFUOHZfakxzajZIQnNINjBqYXhDU1oyOWxWU2xYb0NOeWI4b3ZrVTZHNnpWTUFuQW5UX0xRall3am93dVJqdUtxNEc5eWFOeHlPaVllaGY5RS1qTWRMS0VyTE1pa2xTSFJ2SGpBeWVfbzNQQWxmNFRkTUYzVHlMRkhzdTRybU9FWElaX1JnSjJQcmNsN04zcTY2QTRybExvdldGR0FzZUZ4WGh4QnFMbk5oOXZQdFNZZXEyWnVNSzZIVnpsUWRFcFpoZXA4WDlIMFk3S0xDcnpCMTB0MTJXUS1ZT1lNWHp4Vk1UMDBKQVBqdjNRdWxlM1FzVlRjYWk1NHROUHIwUTJ3S1drOEdIekZuUGQzQ2FUZDkwdTI1MU5LTC1CZ0dCMW9rdEtQMUtEQVhyR28wMFpQdGQ2MzJrNkE1R1ZXX0dORkwzUW5QWTR5R2NtTFloSEhSSVZVRkE3eEl4X2RHZ0tvUFdLbGVkYTA4VjdyYlhVVnE3MlVYX3FucDRSNXo3LXpVSGJlSzdqdXo2WFVxZ1V1VW9mVUtWc0hJdXpKNTB0UjZEMHE1anB1bEVGT1dLOXpkTktLYWo4c0JZd1doVm5yR3BuNHE0UGtjR1dQbnNjT0xqZ3lkVTRiLU9pQXlQbjZ1T3JqQ0oyb244dU9lVVpyYmR4eDJRN3lDZmFoQ21sNFNNVXVqY2ZkY29pOXRrNlVKUjgxSTRDa3ZENGp4aEVsaDFqQTQ3TjgtMlQ2TUhKMFpVZ2ZvRUpROFB3cWNzMFA2Z2pVUmtmRUFCbGlFSFlubFhmazJIRXhjdjdUdWlBRFMzbnl5dnJ4MS1hbUJpSkFOelNTcmdpU0o1SUNHN1I4dW5MQmpSQ1RtNl8wQnNSbmRGWjJLZzltX3ljWG1UNFozOEFZUTAwZUFlTklkV2xKQ1pGbFhQdG41RDJ0Q05PdHliMWpYT0ZLYUZ2REJLWlJRcXhicWl4ZjFIZE03Zko4N0lDeTU0ekU3MklWQ3ZFWEVQRFBMdGxsbmJyNyZzYWk9QU1mbC1ZUlR3ZC1EejY5UlVwQTBVNGdGbnEtZjlMQVUtS2FFU1d3TUF2Z3VqZHJhazl2R0VxamxnY1pmdXF0cElpTmVHOFV0MkJadURtd3R3RUhXUE5IN1kyU2I4MXpQaXRicGlVblhQd1g4N2FiSkd5ME9GVzl4VUE1NTRlRUdPNGhGZHBJUUFrc0h1eXJvN2hSRnJYaTJkLTRudmNhM2dhdHFyaVV3Rko2SkVxbVdoRENtZzFvaTJKR3lTazBQdlNiT2FHQkk1YmFOZUVHUmpvaWVfTjk4SWpvT0hGMHFmWl9uNUF1cGVoWUNuMGgtS1FrYjFTeEFFdXFMb3k3RzNnb0FKQ2dDSkJJUzdiQW9QcE0mc2lnPUNnMEFyS0pTekR1eWt6b01SeUc1RUFFJmNyeT0xJmZic19hZWlkPSU1Qmd3X2Zic2FlaWQlNUQmdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuYXJhZy5kZS8lM0Z1dG1fc291cmNlJTNERFYzNjAlMjZ1dG1fbWVkaXVtJTNEUk9OJTI2dXRtX2NhbXBhaWduJTNEb25saW5lLXZpZGVvJTJCUlMtRmxpZ2h0MS0yMDI0JTI2dXRtX2NvbnRlbnQlM0RSdWVja3dpcmtlbmRlci1TY2h1dHolMkIxNSUyNTIyJTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D207110167%26dc_adid%3D575337508
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.85.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-85-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
78fec288a29f63999e74841d975b63c3f09077a64a044f970c519d0336480058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:56 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cn0hsn2uh1dnvhk330hg
Content-Length
18168
csi
csi.gstatic.com/ Frame BBF4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ls981443&c=2725489267939&slotId=1362744633969.5&vmfc=14
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:814::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/6642bb1c-e72d-4075-82b3-ff7e31f73438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
92
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
850cf560e9169195-FRA
expires
Mon, 05 Feb 2024 18:42:24 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/6642bb1c-e72d-4075-82b3-ff7e31f73438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Mon, 05 Feb 2024 17:43:56 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
C52HQWYNTJPCY3CH
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
zs886llTgpA1jx1HSCyxeNY74GAbKdW9STGHIOL+oe5oRLVPCaVk7bALZvh7yh2UMnnJ2ttmq0Y=
fpc
at.teads.tv/ 		0
344 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.233.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 17:43:56 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://saopaulosempre.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 05 Feb 2024 17:43:56 GMT
46575
tag.navdmp.com/u/ 		497 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Apr 2023 18:41:30 GMT
server
cloudflare
etag
W/"642f125a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
850cf56109419195-FRA
expires
Mon, 05 Feb 2024 18:43:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED02 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1969556844073&version=m202401290101&ct=76&x=1&cor=4589270900344061000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155036419&cb=0.7039034646837952&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf561ad7635f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155036429&cb=0.40192367436287313&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf561bd8835f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
usr
usr.navdmp.com/ 		359 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45427ac1b9172eee51c952f61298656a4a231db89ce5c0a1b9bcfd879f770cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Mon, 05 Feb 2024 17:43:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
850cf5620ab19195-FRA
expires
Mon, 05 Feb 2024 18:43:56 GMT
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=1416759651e99c00197fc2c33110%7C0&acc=46575&tit=Blog%2520S%25E3o%2520Paulo%2520Sempre%2520%257C%2520Daniel%2520Perrone&url=https%253A%2F%2Fsaopaulosempre.com.br%2F&upd=1&new=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
850cf5630bdb9195-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=86276150865
  • https://sync2.navdmp.com/sync?prtid=2&id=86276150865&google_gid=CAESEOigC_t8s6L5nu4JErSh-W4&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=86276150865&google_gid=CAESEOigC_t8s6L5nu4JErSh-W4&google_cver=1
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
850cf563ccfe9195-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=86276150865&google_gid=CAESEOigC_t8s6L5nu4JErSh-W4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=8f8565c1-1e5d-4a00-a698-905c54bbe850
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=8f8565c1-1e5d-4a00-a698-905c54bbe850
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:57 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
850cf5648e409195-FRA
content-length
43
content-type
image/gif

Redirect headers

x-cache-hits
0
date
Mon, 05 Feb 2024 17:43:56 GMT
via
1.1 varnish
expires
Mon, 05 Feb 2024 17:43:55 GMT
server
MT3 1469 c412d14 master ord ord-pixel-x10 config_version:"1942"
x-timer
S1707155037.763251,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://sync.navdmp.com/sync?img=1&mdia=8f8565c1-1e5d-4a00-a698-905c54bbe850
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230029-FRA
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Protocol
H2
Server
3.75.62.37 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Mon, 05 Feb 2024 17:43:56 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
344
content-language
en
json
gum.criteo.com/sid/ 		2 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsaopaulosempre.com.br%2F&domain=saopaulosempre.com.br&cw=1&pbt=1&lsw=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
281748
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsaopaulosempre.com.br%2F&domain=saopaulosempre.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://saopaulosempre.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Feb 2024 17:43:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
261759
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame FCC1 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
0e25114d569e2fdb97712fc55fb6a4f3413846cccfafd07d60a524219bb1b88e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8344
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:56 GMT
expires
Wed, 07 Feb 2024 17:43:56 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 4F00 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 05 Feb 2024 17:43:56 GMT
usync.html
eus.rubiconproject.com/ Frame 4618 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Feb 2024 17:43:56 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6237 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1707155031485
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 079B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44205
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Feb 2024 17:43:56 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
328, 348905
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230062-FRA
X-Timer
S1707155037.838077,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 4618 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
640581cd0e5d608465edd5624e74c7c4af3948f813d27064151422cc7eb1a308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2024 23:24:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20364
Connection
keep-alive
Content-Length
10921
Expires
Mon, 05 Feb 2024 23:23:20 GMT
khaos.json
token.rubiconproject.com/ Frame 4618 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
async_usersync
ib.adnxs.com/ Frame 079B 		0
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
an-x-request-uuid
c08ae68d-8869-4f6d-bdcb-de824e9f1835
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame FCC1 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3501566341491886000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 17:43:57 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 05 Feb 2024 17:43:57 GMT
json
gum.criteo.com/sid/ 		2 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsaopaulosempre.com.br%2F&domain=saopaulosempre.com.br&cw=1&pbt=1&lsw=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saopaulosempre.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
295815
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsaopaulosempre.com.br%2F&domain=saopaulosempre.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://saopaulosempre.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://saopaulosempre.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Feb 2024 17:43:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
294884
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 27C4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44205
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Feb 2024 17:43:56 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
328, 348906
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230062-FRA
X-Timer
S1707155037.949208,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 97AC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44205
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Feb 2024 17:43:56 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
328, 348907
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230062-FRA
X-Timer
S1707155037.958722,VS0,VE0
/
onetag-sys.com/usync/ Frame 895A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1707155031989
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 7962 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349ca649c01e5a4db13580cbca75c92b18151f8261f921f89502bb66fbb1c4cb

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
850cf5650f9c2c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:56 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A1B8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://saopaulosempre.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Feb 2024 17:43:56 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 27C4 		0
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
an-x-request-uuid
c55c3986-6f23-420e-8c1a-e5cca8193cf3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A1B8 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
640581cd0e5d608465edd5624e74c7c4af3948f813d27064151422cc7eb1a308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2024 23:24:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20364
Connection
keep-alive
Content-Length
10921
Expires
Mon, 05 Feb 2024 23:23:20 GMT
async_usersync
ib.adnxs.com/ Frame 97AC 		0
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:56 GMT
an-x-request-uuid
8e41957c-42a1-4f76-9a20-a513bb630f15
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10274&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fsaopaulosempre.com.br%2F&t=1707155037014&cb=0.15654983797476363&aa=slider
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
850cf56559f335f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7962 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1743089
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
850cf565b84e2c1c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndm0w,pingTime:1,time:2186,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:28%7D,%7Bpiv:100,vs:i,r:,t:1185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1176~0,0~100%5D,as:%5B1176~160.600%5D%7D%7D,%7Bsl:i,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:113,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:265%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame ED02 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ddf25ce2-94d2-f838-4f7b-843f547ccdde&tv=%7Bc:3ndm0x,pingTime:1,time:2187,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:28%7D,%7Bpiv:100,vs:i,r:,t:1185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1176~0,0~100%5D,as:%5B1176~160.600%5D%7D%7D,%7Bsl:i,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:113,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19*.1874223-77019497%7C191%7C192%7C1931%7C194%7C1a1%7C1a2%7C1a31%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:265%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
drop_cookie_sw.php
csync.smilewanted.com/ Frame 1202 		0
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
850cf565e8892c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:57 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame CF14
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.134.110.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 05 Feb 2024 17:43:56 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 05 Feb 2024 17:43:57 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
4507727447006430603
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame E4DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4507727447006430603
0
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4507727447006430603
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
850cf56648ee2c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
95315dc0-eede-4a6b-aa69-a67e9a6a07d9
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 05 Feb 2024 17:43:57 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4507727447006430603
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame 2D56 		52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
18189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Feb 2024 19:06:58 GMT
etag
7287664291636797308
expires
Mon, 05 Feb 2024 19:06:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BBF4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIznBWx7BZdy8Fp2_juwPv6qOuA_4xYTddY6l5deuEvAuEAEgxfaGaGCVgoCAoAfIAQWpAnzVXKqX_7E-qAMByAMTmAQAqgS0Ak_QLueokrTkFnrNL7M1mKWZX0KoUHoePa8RBkNnPVRh2lCqFVRxf5tb9AbGwOh9uq5yIFkLk4C6-lj18EdVcQlzvb8Dh-OFRifDcKvyMmEUubArmGrhwAPgfuLDwae6EguOqJ08PSnCw0WjNx3OqFaIsM46Aij22ag7-RgPXUYl_CyvkFam1cszB_C3sy0Hcmeml7FPXFbFuruMFMy_CEMWCpzVb5IsXmltTl7gxVH7OtoMaTFYUVuTcsAUnTKaYlyDSczlASSHCHA8KsBXKsmEoJVoS7DHOQ-ckHOspd8bTJDHJEN4L-zeQLtggHMONp1U8Ss40VxEIDn5zAuSSPIxLYnUMc9XZG2C7VScKqXjArm6XrRz9gGCU3DO1rJeWf-B8ZNskGRvVzP7gAbF5aYB628TwATVzLqUxwTgBAOIBbCE7dtNkAYBoAZOgAeg8KeQA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WKyU1YvglIQD8ggbYWR4LXN1YnN5bi00OTE3NjE3MDMyMTQ4NzA4gAoDmAsByAsBgAwBqg0CREXiDRMI1cfVi-CUhAMVnZ-DBx0_lQP3sBP9orgWyBPsoZrkA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=84QBYyW-Rhk&label=video_ad_loaded&sdkv=h.3.616.1&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auto.svg
tags.denakop.com/assets/ 		685 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/assets/auto.svg
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/assets/css/videojs.ima.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5349880f99b0b3e5c8fab8cd374aeac5bca01a96b1e515c82924eec601c79d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.denakop.com/assets/css/videojs.ima.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 09 Jun 2022 14:12:40 GMT
server
cloudflare
etag
W/"62a1ffd8-2ad"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
850cf5668b6435f4-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

Referer
Origin
https://saopaulosempre.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BBF4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIznBWx7BZdy8Fp2_juwPv6qOuA_4xYTddY6l5deuEvAuEAEgxfaGaGCVgoCAoAfIAQWpAnzVXKqX_7E-qAMByAMTmAQAqgS0Ak_QLueokrTkFnrNL7M1mKWZX0KoUHoePa8RBkNnPVRh2lCqFVRxf5tb9AbGwOh9uq5yIFkLk4C6-lj18EdVcQlzvb8Dh-OFRifDcKvyMmEUubArmGrhwAPgfuLDwae6EguOqJ08PSnCw0WjNx3OqFaIsM46Aij22ag7-RgPXUYl_CyvkFam1cszB_C3sy0Hcmeml7FPXFbFuruMFMy_CEMWCpzVb5IsXmltTl7gxVH7OtoMaTFYUVuTcsAUnTKaYlyDSczlASSHCHA8KsBXKsmEoJVoS7DHOQ-ckHOspd8bTJDHJEN4L-zeQLtggHMONp1U8Ss40VxEIDn5zAuSSPIxLYnUMc9XZG2C7VScKqXjArm6XrRz9gGCU3DO1rJeWf-B8ZNskGRvVzP7gAbF5aYB628TwATVzLqUxwTgBAOIBbCE7dtNkAYBoAZOgAeg8KeQA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WKyU1YvglIQD8ggbYWR4LXN1YnN5bi00OTE3NjE3MDMyMTQ4NzA4gAoDmAsByAsBgAwBqg0CREXiDRMI1cfVi-CUhAMVnZ-DBx0_lQP3sBP9orgWyBPsoZrkA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=84QBYyW-Rhk&label=show_ad&sdkv=h.3.616.1&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODUyOTY5NTk3NDZAwgMKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzUzMzc1MDgyCTIwNzExMDE2N0CBAQpfCAESG3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTU3NTMzNzUwODIJMjA3MTEwMTY3QN8BUh4lAABwQSgBOgsyMDcxMTAxNjctMUIER0RDTVAAYAIYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BBF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CP5HfWx7BZdy8Fp2_juwPv6qOuA_4xYTddY6l5deuEvAuEAEgxfaGaGCVgoCAoAfIAQWpAnzVXKqX_7E-qAMBmAQAqgSxAk_QLueokrTkFnrNL7M1mKWZX0KoUHoePa8RBkNnPVRh2lCqFVRxf5tb9AbGwOh9uq5yIFkLk4C6-lj18EdVcQlzvb8Dh-OFRifDcKvyMmEUubArmGrhwAPgfuLDwae6EguOqJ08PSnCw0WjNx3OqFaIsM46Aij22ag7-RgPXUYl_CyvkFam1cszB_C3sy0Hcmeml7FPXFbFuruMFMy_CEMWCpzVb5IsXmltTl7gxVH7OtoMaTFYUVuTcsAUnTKaYlyDSczlASSHCHA8KsBXKsmEoJVoS7DHOQ-ckHOspd8bTJDHJEN4L-zeQLtggHMONp0M8LHNQs4CspZUFwURk4_3iOAolPqAszhVEiC5IAbpK6FkhgkaCoY1fF7WVEaRDCh0JrxAiMn3lD14rrpPve6twATVzLqUxwTgBAOIBbCE7dtNkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeg8KeQA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKELLYVxiVoYOCAtIIJQiA4YAQEAEYHTICqgI6CIBAgICEgIAESL39wTpYrJTVi-CUhAPyCBthZHgtc3Vic3luLTQ5MTc2MTcwMzIxNDg3MDiACgPICwHiDRMI1cfVi-CUhAMVnZ-DBx0_lQP3sBP9orgWyBPsoZrkA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi02MjAxODM2OTY5NDI0OTg2GJHzbOgXBQ&sigh=8EHN7aW4olc&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_Zbcrf0eVXGfB52D-bbJaTn7iIeHcqrs4980nYPa9ckpHoiLYubAtxpyl6P9CeMRgOeJhg_pCGAE&vt=10&sdkv=h.3.616.1&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODUyOTY5NTk3NDZAwgMKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzUzMzc1MDgyCTIwNzExMDE2N0CBAQpfCAESG3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTU3NTMzNzUwODIJMjA3MTEwMTY3QN8BUh4lAABwQSgBOgsyMDcxMTAxNjctMUIER0RDTVAAYAIYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame BBF4 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-8170966538152543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:05:28 GMT
x-content-type-options
nosniff
age
2309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:55:28 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 4F94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08E5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=70690
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 05 Feb 2024 17:43:57 GMT
expires
Tue, 06 Feb 2024 13:22:07 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vpaid.2023.12.14-17.55-48e44e0.js
static.adsafeprotected.com/ias/v1/ Frame 2D56 		180 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c65c54974309992e6f33994a0de840445d81fa80c6f0767ea4b6aa46a70f1056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
UEA_.8zNYYyYrFTGXdKbUM4.5G9Jyz6_
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date
Mon, 05 Feb 2024 04:54:27 GMT
x-amz-cf-pop
FRA56-P5
age
46171
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 14 Dec 2023 19:47:05 GMT
server
AmazonS3
etag
W/"0c5de0f7bdc4f9bbf9c4267cd031935d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
i0AxUJuDZ2lUC1kHNo1IYmMBypIB33b0KN8ZqG7r-XGlEYaW8VqVAQ==
server_match
ice.360yield.com/ Frame A3C0 		43 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.236.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Mon, 05 Feb 2024 17:43:57 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
skeleton.js
pixel.adsafeprotected.com/db2/video/1896414/77361558/ Frame 2D56 		40 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/1896414/77361558/skeleton.js?videoId=fa5d58d083283626b1bb8b7d096be1f6&adsafe_url=https%3A%2F%2Fsaopaulosempre.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fimasdk.googleapis.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fjs%2Floader21.html%3Fhttps%3A%2F%2Fstatic.adsafeprotected.com%2Fias%2Fv1%2Fvpaid.2023.12.14-17.55-48e44e0.js&adsafe_type=d&adsafe_jsinfo=br:c
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.133.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
content-encoding
gzip
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
https://tpc.googlesyndication.com
access-control-expose-headers
X-Server-Name
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/javascript;charset=utf-8
timing-allow-origin
*
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/1896414/77361558/ Frame 2D56 		270 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/1896414/77361558/skeleton.js?videoId=fa5d58d083283626b1bb8b7d096be1f6&adsafe_par=&apiframeworks=2,7,8&bidurl=https://saopaulosempre.com.br/&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwPM1LrVqBIkDe76_dRW8CsuMiLi36uDtaUtiogAMoY4cp8x_u92nlXBSS5aW0my3TkdT7yDab2jLhevjz_lI6Q5RNUY5PJhBLTb-jJ3-EodAw9VIghlvkko7tTsUavcMSl3YNL61bIe8wRWY_MSol0L_ThVqVjd7Ctl6smPIkdW1gE8WFPjD3ch2-x1sDVGJqKA&sai=AMfl-YT29JWZ_45PgYmNKUa4kiuttP4gCvQErJcDcFzZWmsmDbFE27FHIIxTK--ldeKzUgHC_F6hogpX-6U_KvJiG4D5Xwe4DO-a0DyCENXOBRY6-3X4kpZrlFL2f-GN0A&sig=Cg0ArKJSzJucZFwKgVJhEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=&ias_campId=1015451884&ias_chanId=1&ias_creativeId=207110167&ias_dspId=3&ias_impId=v4~~ABAjH0icBht_MZqHOK8kwnfFp4YQ&ias_placementId=20862157360&mon=77361561&redirectedRetries=0&xmapp=0&xmtp=v&xsId=5f995fb9-1db1-4634-be42-d6e5f00cefd2&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
acb263f2a333d3780e58ad37c7e384f445ac37c80c2ab4288b9bf83175a3698a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 08E5 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28728727&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:43:57 GMT
content-length
0
179e36c8-797e-45c6-802d-aa5bc6cb7a72
csync.smilewanted.com/set_partner_userid_get/openx/ Frame BDCD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/179e36c8-797e-45c6-802d-aa5bc6cb7a72
0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/179e36c8-797e-45c6-802d-aa5bc6cb7a72
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
850cf5682b4d2c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 05 Feb 2024 17:43:57 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/179e36c8-797e-45c6-802d-aa5bc6cb7a72
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
skeleton.js
pixel.adsafeprotected.com/db2/video/1896414/77361558/ Frame 2D56 		92 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/1896414/77361558/skeleton.js?ias_callback=__IntegralAS_6f8381997ed646916f2ce130c790154a_4479&videoId=fa5d58d083283626b1bb8b7d096be1f6&adsafe_par=&apiframeworks=2,7,8&bidurl=https://saopaulosempre.com.br/&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwPM1LrVqBIkDe76_dRW8CsuMiLi36uDtaUtiogAMoY4cp8x_u92nlXBSS5aW0my3TkdT7yDab2jLhevjz_lI6Q5RNUY5PJhBLTb-jJ3-EodAw9VIghlvkko7tTsUavcMSl3YNL61bIe8wRWY_MSol0L_ThVqVjd7Ctl6smPIkdW1gE8WFPjD3ch2-x1sDVGJqKA&sai=AMfl-YT29JWZ_45PgYmNKUa4kiuttP4gCvQErJcDcFzZWmsmDbFE27FHIIxTK--ldeKzUgHC_F6hogpX-6U_KvJiG4D5Xwe4DO-a0DyCENXOBRY6-3X4kpZrlFL2f-GN0A&sig=Cg0ArKJSzJucZFwKgVJhEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=&ias_campId=1015451884&ias_chanId=1&ias_creativeId=207110167&ias_dspId=3&ias_impId=v4~~ABAjH0icBht_MZqHOK8kwnfFp4YQ&ias_placementId=20862157360&mon=77361561&redirectedRetries=0&xmapp=0&xmtp=v&xsId=5f995fb9-1db1-4634-be42-d6e5f00cefd2&logTestResults=false&adsafe_url=https%3A%2F%2Fsaopaulosempre.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fimasdk.googleapis.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fjs%2Floader21.html%3Fhttps%3A%2F%2Fstatic.adsafeprotected.com%2Fias%2Fv1%2Fvpaid.2023.12.14-17.55-48e44e0.js&adsafe_type=d&adsafe_jsinfo=,id:6f838199-7ed6-4691-6f2c-e130c790154a,c:3ndm6t,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-8bdb8bf7-2hgrz,rg:ie,pt:2-5-15,mu:10000,br:c,bru:c,an:n,oam:0,vc:jv3,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u3r2yLr+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1*.1896414-77361558%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1l6%7C1l7%7C1m,idMap:1b1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:77,oid:2347df55-c44e-11ee-9bc6-221364527dfa,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/1896414/77361558/skeleton.js?videoId=fa5d58d083283626b1bb8b7d096be1f6&adsafe_par=&apiframeworks=2,7,8&bidurl=https://saopaulosempre.com.br/&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwPM1LrVqBIkDe76_dRW8CsuMiLi36uDtaUtiogAMoY4cp8x_u92nlXBSS5aW0my3TkdT7yDab2jLhevjz_lI6Q5RNUY5PJhBLTb-jJ3-EodAw9VIghlvkko7tTsUavcMSl3YNL61bIe8wRWY_MSol0L_ThVqVjd7Ctl6smPIkdW1gE8WFPjD3ch2-x1sDVGJqKA&sai=AMfl-YT29JWZ_45PgYmNKUa4kiuttP4gCvQErJcDcFzZWmsmDbFE27FHIIxTK--ldeKzUgHC_F6hogpX-6U_KvJiG4D5Xwe4DO-a0DyCENXOBRY6-3X4kpZrlFL2f-GN0A&sig=Cg0ArKJSzJucZFwKgVJhEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=&ias_campId=1015451884&ias_chanId=1&ias_creativeId=207110167&ias_dspId=3&ias_impId=v4~~ABAjH0icBht_MZqHOK8kwnfFp4YQ&ias_placementId=20862157360&mon=77361561&redirectedRetries=0&xmapp=0&xmtp=v&xsId=5f995fb9-1db1-4634-be42-d6e5f00cefd2&logTestResults=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7883d0175f3456bb67a6faa78e70d123fa2ae10b70fc55a7c6351d35f44b3098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
content-encoding
gzip
server
nginx
x-server-name
app02.ie.303net.net
content-type
application/javascript;charset=utf-8
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
sca.17.6.2.js
static.adsafeprotected.com/ Frame F110 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://static.adsafeprotected.com/ias/v1/vpaid.2023.12.14-17.55-48e44e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11900087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OTQhOAVAxuBia83FNrpmIDc8Q9vEIbvmsyFHvd49xb1pOq_Xg0aJ3Q==
dt
dt.adsafeprotected.com/ Frame 2D56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1896414&asId=6f838199-7ed6-4691-6f2c-e130c790154a&tv=%7Bc:3ndm75,pingTime:-3,time:114,type:v,clog:%5B%7Bpiv:-1,vs:n,r:v,w:394,h:219,t:76%7D,%7Bpiv:0,vs:o,r:l.v,t:113%7D%5D,vv:3.8.9,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B102~1,1~0%5D,as:%5B103~394.219%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~394.219%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:u3r2yLr+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1*.1896414-77361558%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1l6%7C1l7%7C1m,idMap:1b1*,rmeas:1,rend:1,renddet:env,siq:77%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2D56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1896414&asId=6f838199-7ed6-4691-6f2c-e130c790154a&tv=%7Bc:3ndm77,pingTime:-6,time:116,type:i,vv:3.8.9,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:116,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B102~1,1~0%5D,as:%5B103~394.219%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~394.219%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:u3r2yLr+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1*.1896414-77361558%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1l6%7C1l7%7C1m,idMap:1b1*,rmeas:1,rend:1,renddet:env,siq:77%7D&tpiLookup=ao:saopaulosempre.com.br*%2Cimasdk.googleapis.com*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
ap.lijit.com/ Frame 13AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.38.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-38-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Mon, 05 Feb 2024 17:43:57 GMT
1201246404494015642
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 8B22
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1201246404494015642
0
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1201246404494015642
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
850cf568dc1c2c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 17:43:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 05 Feb 2024 17:43:57 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1201246404494015642
server
nginx
dt
dt.adsafeprotected.com/ Frame 2D56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1896414&asId=6f838199-7ed6-4691-6f2c-e130c790154a&tv=%7Bc:3ndm7k,pingTime:-2,time:129,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:211,beZ:213,mfA:216,cmA:217,inA:217,inZ:226,prA:226,prZ:284,si:288,poA:289,poZ:309,cmZ:309,mfZ:309,loA:326,loZ:329,ltA:339,ltZ:339%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:394.219,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:v,w:394,h:219,t:76%7D,%7Bpiv:0,vs:o,r:l.v,t:113%7D%5D,ve:%7BvEventCount:1,vEvents:%5B%7Bt:110,tp:adLoaded,sl:o,ad_duration:15,width:394,height:219,volume:-2%7D%5D%7D,vv:3.8.9,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:129,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B102~1,1~0%5D,as:%5B103~394.219%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.394.219,am:v,cc:NaN.NaN.394.219,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B15~0%5D,as:%5B15~394.219%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:u3r2y7s+11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C18%7C19.1874223-77019497%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1*.1896414-77361558%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1l6%7C1l7%7C1m,idMap:1b1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:env,siq:77,sinceFw:51,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
6a4b1883-fdfd-4ec1-b7bd-188cdf0c56ee
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 7A8B
Redirect Chain
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/6a4b1883-fdfd-4ec1-b7bd-188cdf0c56ee
0
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BBF4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:01:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:01:46 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BBF4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIznBWx7BZdy8Fp2_juwPv6qOuA_4xYTddY6l5deuEvAuEAEgxfaGaGCVgoCAoAfIAQWpAnzVXKqX_7E-qAMByAMTmAQAqgS0Ak_QLueokrTkFnrNL7M1mKWZX0KoUHoePa8RBkNnPVRh2lCqFVRxf5tb9AbGwOh9uq5yIFkLk4C6-lj18EdVcQlzvb8Dh-OFRifDcKvyMmEUubArmGrhwAPgfuLDwae6EguOqJ08PSnCw0WjNx3OqFaIsM46Aij22ag7-RgPXUYl_CyvkFam1cszB_C3sy0Hcmeml7FPXFbFuruMFMy_CEMWCpzVb5IsXmltTl7gxVH7OtoMaTFYUVuTcsAUnTKaYlyDSczlASSHCHA8KsBXKsmEoJVoS7DHOQ-ckHOspd8bTJDHJEN4L-zeQLtggHMONp1U8Ss40VxEIDn5zAuSSPIxLYnUMc9XZG2C7VScKqXjArm6XrRz9gGCU3DO1rJeWf-B8ZNskGRvVzP7gAbF5aYB628TwATVzLqUxwTgBAOIBbCE7dtNkAYBoAZOgAeg8KeQA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WKyU1YvglIQD8ggbYWR4LXN1YnN5bi00OTE3NjE3MDMyMTQ4NzA4gAoDmAsByAsBgAwBqg0CREXiDRMI1cfVi-CUhAMVnZ-DBx0_lQP3sBP9orgWyBPsoZrkA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=84QBYyW-Rhk&label=vast_creativeview&ad_mt=0&sdkv=h.3.616.1&vci=CmYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2ODUyOTY5NTk3NDZAwgNaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KVggCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzUzMzc1MDgyCTIwNzExMDE2N0CBAVobZG91YmxlY2xpY2tieWdvb2dsZS5jb20tZHNwCmkIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNTc1MzM3NTA4MgkyMDcxMTAxNjdA3wFSIxAEJQAAcEEoAToLMjA3MTEwMTY3LTFCBEdEQ01I2gJQAGACWgNJQVMYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~ls9810wg&c=2725489267939&slotId=1362744633969.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:814::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/acao,ctier,expire,id,ip,ipbits,ita...
710 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23E9881066901742E2DCFC2844EB12B9EBAD8828.3200BE3DDE18D4AD919686AF60B548C643011F1A/key/cms1/cms_redirect/yes/mh/b9/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-4g5lzney/ms/onc/mt/1707154660/mv/u/mvi/5/pl/59/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:1b::a -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saopaulosempre.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 17:43:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Dec 2023 08:38:47 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-37843699/37843700
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
37843700
Expires
Mon, 05 Feb 2024 17:43:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/90db17b5fd5bdf24/itag/309/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847509623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23E9881066901742E2DCFC2844EB12B9EBAD8828.3200BE3DDE18D4AD919686AF60B548C643011F1A/key/cms1/cms_redirect/yes/mh/b9/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-4g5lzney/ms/onc/mt/1707154660/mv/u/mvi/5/pl/59/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6363 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
411871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 23:19:26 GMT
expires
Thu, 30 Jan 2025 23:19:26 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
s.ad.smaato.net/c/ Frame 8556 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:3a00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44
cache-control
no-cache, must-revalidate
date
Mon, 05 Feb 2024 17:43:13 GMT
server
CloudFront
via
1.1 c31719efcd399888dbbc5773eb6999da.cloudfront.net (CloudFront)
x-amz-cf-id
jqDY_QiR62Nb2YKJEoq7_mO6iyPUxPlbEieXEYp49e1gIRTWxjvCQA==
x-amz-cf-pop
CDG50-P4
x-cache
Hit from cloudfront
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 6363 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 14:14:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6363 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.616.1&bgai=Bh9czXB7BZdHtBM3Y1fAPnvKGwAsAAAAAOAHgBAI&bg=!5eal5qnNAAa8BdJLnAU7ADQBe5WfOLvS0mNAtdNAgPQFKQxNCfQUfNxIy0YFkZw4FAgsqja_YDAveJ5wB2FULARgF4M6AgAAAGFSAAAABGgBB5kC45YW8M8TwsImejkrcwVg2HLy1QA34L6Dt5fumLpamEDbnWjLpxsk6z_4OCcqvVt5zXHtTMD-x4PongLLVuoJvltD-Xx0x4nIyKFz4X94_u4EJTkgellGLHDW3OSJEwyTSsNxDUOCgRztZkbRC7BUS2DNsvZJ4-NxaQUBdkZ9Lodjp5tk5TG4DtQF4EsUwiaRee217qx2dN6wp8VloAvzlMAzpEJLo7pgIsvWDTTEfVA3_K699M2eVhfnlp_MCEOCx0YOHpsoz1LWEvRfoi0Etb6P5pMkb8qghJtwlvhstFia-R9vAGkHcZBzyKd4wNSCBm4prDdFA5V9nSGYPPbwxtcmPEk8xzCvVQkrsF6DLDs4vMekht_06gOApwthUFB3w2ibSYVZkdb4Nx3dQsL6ectiy3QyRh9eJntwivm73Tmi6_piNdr_2O9AF2X8iwp6_M-9KREQsK4eMk6CoQwYDleX0jh1Z0fJTsv5_X-aXXIvpIhSwWLqrYyF_sRbeRS5oPhljK4RpqVT5MEaQej225oVn9FzKCnsWf-KPZdEJRB_a1pEhj6fbZpYCm3zhBxbjIWcZKwTWxESvU5Sz0ByL0z5A-PfQnojxYJ4ScOw-mZbiz3Yyoh-bc9qHBTnQnnnS_3oP6KAUyTiyKl-ovi2K_sVjZAt7SHjm93HQg5v4J6uzpcioBzUDmBnZ_uSgapKI9csLoUtFDvqzBj6N4k8kEOwVELiJyq2ulSmr4J_5hxw_GJGJ5AHovdps2zELqw0UMuLfzM42m_sIT8JCv8cPX_DGnUUJRMwLIa_0W3Qq_Ei0meiFttrh9sp24ClF0OT8iQZr1RJPsmAu2JQAXrAhgX55KSFvDQbKPhU-VK3SjsY2-t-lu3nCBhzknMdQ_Dbym05-N7nZYpBMDzRbC_lEvwyH1aejwWXJyQTypDzcjsJSu5rGrAiAmk7ONFDG0DnnmHOcZ-eC-E735YN1Y0G5tsZgNo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 079B 		0
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 17:43:57 GMT
an-x-request-uuid
d3060b37-88f3-4024-9335-6a199b99b209
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/adwmg/6a4b1883-fdfd-4ec1-b7bd-188cdf0c56ee

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| denakop object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle object| googletag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| FB object| EasingSlider830 object| EasingSlider66717 object| EasingSlider66751 object| apstag object| twemoji object| wp object| ggeac object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer object| _aps boolean| apstagLOADED object| apscustom object| dkpbjsChunk object| dkpbjs object| _pbjsGlobals string| GoogleAnalyticsObject function| ga string| sbiajaxurl object| impression_object function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| click_object object| pollsL10n function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| gaplugins object| gaData object| _ppads object| _pbjs object| _wpmejsSettings function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| sb_instagram_js_options boolean| sbi_js_exists function| sbi_init string| poll_id object| sbi number| sbiWindowWidth number| sbi_photo_width_manual object| _pbjsChunk object| mnet object| Criteo object| CleverCore boolean| CleverCoreLoaded object| TTTagManager function| TTTagManagerError object| _ttq_tteurekaads string| n object| cmds object| _tteurekaads object| ttcNamespace string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| GoogleGcLKhOms object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| vttjs function| WebVTT function| dkVideojs function| videojsIma function| videojsContribAds object| _ttprofilescache string| poll_nonce object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| closure_lm_725097 object| closure_lm_641394 object| teads_analytics function| Navegg object| naveggReady object| nvg46575

59 Cookies

Domain/Path Name / Value
.saopaulosempre.com.br/ Name: _ga_GY97Y7QLVF
Value: GS1.1.1707155030.1.0.1707155030.60.0.0
.saopaulosempre.com.br/ Name: _ga
Value: GA1.3.1110527849.1707155031
.saopaulosempre.com.br/ Name: _gid
Value: GA1.3.171818949.1707155031
.saopaulosempre.com.br/ Name: _gat
Value: 1
.denakop.com/ Name: uxid
Value: rB9%2BjIfZQXiMMOsR%2FZcc8w%2F0
.saopaulosempre.com.br/ Name: __gads
Value: ID=5a28b6c48c3867bb:T=1707155031:RT=1707155031:S=ALNI_MZqdi1sYpK8nd2LcWQ5VRVuMLxCbQ
.saopaulosempre.com.br/ Name: __gpi
Value: UID=00000d50cc3528d9:T=1707155031:RT=1707155031:S=ALNI_MZfJfcqEgWifTojETI9pqjhFCgHYw
.saopaulosempre.com.br/ Name: __eoi
Value: ID=2b10264767b30130:T=1707155031:RT=1707155031:S=AA-Afja2lfyo04KBi_8ypjTzdEOL
saopaulosempre.com.br/ Name: denakop_freq
Value: {}
.doubleclick.net/ Name: IDE
Value: AHWqTUkf08hs0ZJvZWYuxehszM6FFmBLrb2LFMfWtjnqr3luNzxb1aGuNpyxOGz0YA0
saopaulosempre.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
saopaulosempre.com.br/ Name: clever-last-tracker-32455
Value: 0
.adnxs.com/ Name: XANDR_PANID
Value: z0b8m984T_KfUDQOhf40wvlrcsuGvonFwHZQgY8SfqwHMwaa2lqbVTV095ir3enBGlsgMPqVwii7Fv5gQpS46XRdwHfM9RVvU8amyzBD8k0.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4507727447006430603
saopaulosempre.com.br/ Name: tt_c_vmt
Value: 1707155032
saopaulosempre.com.br/ Name: tt_c_c
Value: direct
saopaulosempre.com.br/ Name: tt_c_s
Value: direct
saopaulosempre.com.br/ Name: tt_c_m
Value: direct
saopaulosempre.com.br/ Name: _ttuu.s
Value: 1707155031634
.yandex.ru/ Name: yandexuid
Value: 2832360621707155031
.t.tailtarget.com/ Name: u
Value: fwAAAWXBHlcLRAbHAyB/AgB=
.t.tailtarget.com/ Name: _ssc
Value: y
saopaulosempre.com.br/ Name: tt.u
Value: 0100007F571EC165C706440B027F2003
.rubiconproject.com/ Name: khaos
Value: LS9810PQ-H-568V
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqxC8X95VZWhy+IXqvPVzt4X6LBWwGzep2k2NKlEueGiNZu/taG7XFmPud11CfOpA0hhcBW8n+48ELjN06UHw7rzG6FmltYou0cRMYkeecs6b7FQD2yB//h40Qpx8nGAQE=
saopaulosempre.com.br/ Name: nvggid
Value: null
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1707155031950_2997014918
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
saopaulosempre.com.br/ Name: tt.nprf
Value:
.adnxs.com/ Name: icu
Value: ChgItMlZEAoYASABKAEw2LyErgY4AUABSAEKGAjTi2cQChgBIAEoATDXvISuBjgBQAFIARDYvISuBhgB
.tt-11382-4.seg.t.tailtarget.com/ Name: ttca
Value: _1707155032
.saopaulosempre.com.br/ Name: _ttdmp
Value: |LS:
.t.tailtarget.com/ Name: n
Value: 1707155032
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.creativecdn.com/ Name: ts
Value: 1707155032
.creativecdn.com/ Name: g
Value: dCi0ufB0feoIjizrPheI_1707155032811
.doubleclick.net/ Name: DSID
Value: NO_DATA
.w55c.net/ Name: wfivefivec
Value: D2ZEZYbp1Rx30A5
.w55c.net/ Name: matchgoogle
Value: 5
.lijit.com/ Name: ljt_reader
Value: IHKnAGZHLSjECmypQa-YTTTW
.yahoo.com/ Name: A3
Value: d=AQABBFgewWUCEP2W7UakzshNJVP2rf0EGRsFEgEBAQFvwmXLZQAAAAAA_eMAAA&S=AQAAAhFvJFiMmTaFn9jJzFuHzgY
.simpli.fi/ Name: suid
Value: BA41013782F248CEAF86B444809ED545
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 24517595-b442-455a-96d0-cfe1b65c6824
.saopaulosempre.com.br/ Name: cto_bundle
Value: lgdFFl9GJTJGdiUyQlJCemRhd2Q1bk43aTltOXNXekJpWjNKTTZUUEdkMDk2Vk8xOG9sV2g1WjM1WXNVMjh3czVhJTJGZmt5TFpKSVJQWURVNFNoMDNkSzBKYVZsYkttdVlocXVOZEttQWsxMnNWTWJqN1F5ZmNmYTZhWHFwRWE5SjNORjZYdjNacWUlMkJkNnhzUUVjVlklMkJmRjg3VWpGd25IQ2cxRDBNRE4zZGF5YVljVU5tYjFNJTNE
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVLFC+$9!@wnfH8K6pQK`!5=E<*L5?%KFjFBj:/kQp(.AEzx3x?d#hruiw@<hC!UCD!Z%nugO%v4VB%no#/*8e*q
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMPS
Value: 3210
.doubleclick.net/ Name: APC
Value: AfxxVi6CfpL_S9HlVGb1WjvSLTzlHsWvD8UwOEL4PxsNtIBJuCyxAQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 1201246404494015642
.casalemedia.com/ Name: CMID
Value: ZcEeWvsLnnKaTUyv7xM0mAAA
.casalemedia.com/ Name: CMPRO
Value: 3210
.turn.com/ Name: uid
Value: 3418330968352237984
.quantserve.com/ Name: d
Value: EDoBCQGJK4EA
.quantserve.com/ Name: mc
Value: 65c11e5a-c6b1f-d981e-618c3
.media.net/ Name: visitor-id
Value: 3501566341491886000V10

356 Console Messages

Source Level URL
Text
other warning URL: https://saopaulosempre.com.br/(Line 1092)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9092257803572239&output=html&adk=1812271804&adf=3025194257&lmt=1707155031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fsaopaulosempre.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707155030885&bpp=3&bdt=352&idt=299&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2725489267939&frm=20&pv=2&ga_vid=1110527849.1707155031&ga_sid=1707155031&ga_hid=1936858010&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C44798934%2C31080818%2C95322183%2C95324155%2C95324161&oid=2&pvsid=2646966041291721&tmod=359673351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saopaulosempre.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
at.teads.tv
b.t.tailtarget.com
b620ed3865b3836633b5165be644c950.safeframe.googlesyndication.com
bid.g.doubleclick.net
bidder.criteo.com
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
call.cleverwebserver.com
cdn.navdmp.com
cdnjs.cloudflare.com
client.bannerspace.net
cm.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cpm.denakop.com
creativecdn.com
cs.media.net
csi.gstatic.com
csync.smilewanted.com
d.tailtarget.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.navegg.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
pixel.adsafeprotected.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
prod-rtb.ad4mat.net
r.turn.com
r5---sn-4g5lzney.c.2mdn.net
region1.analytics.google.com
rtb.openx.net
s.ad.smaato.net
s.w.org
s0.2mdn.net
saopaulosempre.com.br
scripts.cleverwebserver.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync.navdmp.com
sync.smartadserver.com
sync2.navdmp.com
t.tailtarget.com
tag.navdmp.com
tags.denakop.com
tags.premiumads.com.br
tags.t.tailtarget.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-11382-4.seg.t.tailtarget.com
u.openx.net
ui.cleverwebserver.com
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
csync.smilewanted.com
prg.smartadserver.com
104.18.36.155
104.22.69.131
108.177.15.157
13.248.245.213
142.250.186.98
151.101.129.108
151.101.129.91
167.233.13.224
172.217.16.194
172.217.18.102
178.250.1.8
18.202.133.215
18.245.47.29
18.66.113.225
185.184.10.30
185.184.8.90
192.0.77.48
198.47.127.19
2.18.160.23
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
211.120.53.202
23.218.208.200
23.218.209.56
23.35.233.56
2404:6800:4005:814::2003
2600:1901:0:76b9::
2600:1f18:1aca:4280:6b0:3715:2be5:c7c0
2600:9000:223f:6e00:8:48e:53c0:93a1
2600:9000:2450:3a00:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6814:e280
2606:4700:20::681a:f79
2606:4700:20::ac43:4a81
2606:4700:3033::6815:50a8
2606:4700:4400::ac40:919c
2606:4700::6810:ff3
2606:4700::6811:180e
2606:4700::6812:160e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:1b::a
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c07::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:280:5::213:7821
2a02:6b8::90
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:9cf8:b053:4a2d:7d69
3.64.234.178
3.75.62.37
34.102.185.99
34.120.63.153
34.150.170.96
34.98.64.218
35.201.123.184
35.214.149.91
35.227.252.103
37.157.3.26
37.157.6.254
37.252.173.215
5.135.209.97
51.89.9.254
52.223.40.198
52.31.236.51
52.57.86.165
54.155.202.187
54.171.38.56
54.228.85.211
69.173.144.139
69.173.144.165
77.245.57.72
84.200.5.215
88.221.124.22
88.221.169.246
91.134.110.137
99.86.4.39
00516fdacc05a61a5a5b6fa07eef554218f8b4f7e11f72fc9872f161dd70a0bb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dea4bfbbbb6e5e05af088c72f96b4d7db09dae413fb0a558669324aaea94fa
020fc19befd100a715158fb63545cf6fbc994d25b87fd1938decf34ba105d4a9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03a9d32d03cb319d3c3bb388a64801d1c9e99ed878f87386f26ffbab5f18b78a
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
04205a936490981e508abe3d89d2f6231c9ae39e969fe46322f0826d7fb59aba
04bcd9047ee800dcf9186dea5f40b2024e9724915246d495d6816020d7b87a09
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074fbc5276a1cd4fc4594fd67e3f1a7ca65760f03d40426e18db2cbd96907cda
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0946e97d18b3d73c5a4bff8b8e178d3d9f641b19388c358776b7bbd14ef996d2
09a38c5f8d7cd6a9811194e9cc6f8bf6a4201a19c9f03fd06ae53d9f36a66fa3
09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0ac5a1e6c2c1fde505d9378a2bec86ae156da7dc888e199b380c8203f010e8c1
0b1ac0f8728135949ccd376c1dc7a3d73b06c636c48b8d798f3ea26d9ac041c2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e25114d569e2fdb97712fc55fb6a4f3413846cccfafd07d60a524219bb1b88e
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
122d56342a183a18016bf84ab4bc0c3a712f8b33993554181eaf1b9b172d493e
12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0
13b3daaa61685fe71f1f9caf9f2b21060ebfd75f7258414b9d4ea4a2ad230d4c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165eaaca90e61c37951fd04357d598a2dbf7c0892f8d8e019efada48932c20e9
17a039087b7ffee500196f00b651585da8e6f5e1094eb91200cbbe278042a88d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180935caca3697a255e4d1b697b7ae199598c900bed61c64e45dbffb81a1634c
1960ae9b306b9793a2e2cba8e6687d159ea33be375cf45b9cdbfb9649b620705
1a068ff816e69e35dd019b25acb94cf39e238e2fc4182d9173d284f7415f5870
1c3e2bdd62203723c67aefa446357bba0d495d36e20ec1220ef291d3a4329399
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d29a4da589df44d74041478486a73e8875b37c1a460616e1017e07f76d209e0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e3aa3ad406b8a2f48a38bc92e441c8dc3dfa456a0be2f3959150c22d7454fc5
1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
2428388ee7fb9c89fdfd1191a1fb4a45794d7fd64777ecfd9bc4c06052a17522
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
302c7521d56f1c685379e3e0b8c02ca22ac97e4821a7a6c875c64cdcb56f87a6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
342184a71a265fe1e1c7b13a4ef81bfcf1766232345b635d028bf2e94e7e814b
349ca649c01e5a4db13580cbca75c92b18151f8261f921f89502bb66fbb1c4cb
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
382249585136c0ff400c2ebca8cac116373cbd34dd863297edf4ce5217fb63dd
3cb292093a6067785b74fd156d5ac5fd6b50ecdf7beab1efd8aca433ded06f46
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
45427ac1b9172eee51c952f61298656a4a231db89ce5c0a1b9bcfd879f770cab
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b4b8106f605bfbe43d801ffd58d96430765d55ca91dffdc558cb363628d5ae0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be259b5e461f86279a2fe2ef83d418b9f81a27a2951632328cd9b2b57f237f5
4cccb6838002cd6a12dcfc50d70fe06e84819d122f28979cf76a29e447abd860
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1ace936d6eca410ee9b40a573613ca3473143705087f3a6c6cded95afdc4dd
4efddccb8806d487e1da840f7c55a3e404b15f40692b158e2f8a9f919837f48a
51dabed566f1da2ff857acdf23159e25008c9cf9b3fffec3fb67e02f7494ae70
5349880f99b0b3e5c8fab8cd374aeac5bca01a96b1e515c82924eec601c79d30
542007f1393d22bb236f7092a3098723c68ce5fa756e18f40b8b9a8af8669426
5421e7d08f5fb2ce2e36031d562b26768817268964720146dfbf001a0fb4e1b7
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562d938405afa2d5bf5f0fd2fcaadeb183f068700cc85ff97fc283f05261ce03
56d6fe78190e9724c074698373c733dd1da9cc99741d038d3af26ddf990d95e6
573340a3b1fb4a52cf149c521c6349b7d7026209b30c6f00de2499154d1c36f0
58413f33709c38ce5106719174e4d8e76079f6de21cf3f78bb89c0c2383f6d18
593005e1a79cbd126820cc1b23713f90dc81994d29bf5886ad2f96547619a079
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5df9c9de7a24e3fdcd2d08744ba586a66a4b138b63cdef6979dda1852f8e5039
5efd013114a5e58d0e95fad934bd7cca80dbdd303149c0454455386f26988c33
5efd5c070968ae7f3020be206ac993036ee7cbc6fab47e799ad4d9e9a86155f9
606aee1d2ed41b0cf2255daceaa2dea7c4234deba6d744b725382ba9fdfcd7dc
613985fc1a485a6edc400f1ce06f71d83fecc01968c600cdd29af222c42eefe8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
640581cd0e5d608465edd5624e74c7c4af3948f813d27064151422cc7eb1a308
64dbf00da9e02b508be7975901db246dcd46cdd33f7323626cd67767202dd815
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6886c310cba858be5c927e27b178b7aea67b77e5912b0e32b3859f6baabbc08b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6dec06becfd5dff9e5109678d08ed0b6e4c3aba816aeb2fef00cbfae1ecf63ed
6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b
6e5b6250b8846bd6d48d78ac949b71e27f7737d92f7973cbe12b9ab0e613966e
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
6ffdfd5c9b476e641093e98bb44afb2bdba168893f561ed1fdb7d740adc7c602
7070caab6f4b359b2ae2d656c111af4cae226fd758202665ac3625e528b4fe49
708255048b961f446fa123b42a28f9cba237d3f71dad39f718e8f1676db23f42
7106a90b5b2a07d04bc03d00d85d009856af368266c75ed077a10d69b77a5859
71f69bd47a2192ccbda9ea4e83e3702d2526cbf0a06bd00422943ad72d287ac5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
76a2174a975d02037d4e37ad681d006dc94260e2ea03f881c6f9bd486a5af30e
77cbdfd5ca30a3b1bd519a5b12e4ef06fe9dc816a0a9652368e5123247a09cf3
7883d0175f3456bb67a6faa78e70d123fa2ae10b70fc55a7c6351d35f44b3098
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
78fec288a29f63999e74841d975b63c3f09077a64a044f970c519d0336480058
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b1bbfc9822bce47a4582cc9919d31dd4848776fd6e8213cc79756efd0925712
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
7fcb66dc65cd6a8d7f3e33c88a0f2f35f4bbabc80e72cef4ca03125dec52379b
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83f9904c44d1e75529c1f842664672d861c3b9db0a9b97b2097053c4278f4d4d
851348109aea9bd57a267a0cd4d0ee802ec76376ed70ab581bfd6365bd9eed4c
852b5fa76c4b875659cd9294c84bce92b0a16d98c17a4488a7cd6fd13c58a62a
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7
86b7dab44342ee15ca8ee2da12ab1d3deb3f74b3ee66f24282490ff8fd9f2a31
88edd30c6506ad79fed51572f6c049987018d2c7f661429b1651fd54644d84d9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ffd6676920aa558288bc5dca459b8443272d5ac5c50d79936706d6fce39898
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e202217830fb832191f247b468b1c0e7e0239c1c34c6277ef9e6f7821da117c
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e839cbca64972608f103b7e75d5d207d31eac477d79ac43e3c950fb5897bd23
8ffe85c64a45df61f7d5fdd8b52d94a246833eab3c67e7730a961d9ddbb17470
912950dc220b19cd42d7a2ef16d0bbffc85f73482b81d809969211da302915c7
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
921fc1cb23f6ba7d78fd875b24278f87a6bfd454a3ab8bd50f13659a4878f162
9694254a7f0b7e9dee5054ca758f1a380e046c2a5d986993746c2f989f9703ad
96ca3e795519863b8983e55b87d92b232073a0cad024e6bcf66b6266bb3f4ba5
97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9dc2da579f7ffdc6a69bbbef79a483eb1be63d4b75cecb4c0a5fc58204e98d98
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a190cb3fef1caa9719df1f801819c167affaa42afced9b6e394dca454732c2d8
a1b1f799832f72d861b8bd51c2f91f45c7a8b93b99912923b8c4154aa37f1383
a6e868b6feca508b90f9e20c35e02b6d2d558c4cd295c70a775c521055d656dd
a7c04e87a934008bdd15561b3ae66208d2158dcd6444da7d08b9c9243572e4a9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acb263f2a333d3780e58ad37c7e384f445ac37c80c2ab4288b9bf83175a3698a
b080077be67f44a0c4cf754a402ddaced203190343eaa31bb79690f5c128d9e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b60ebf1e21a7919d905cc72ded7208172807a14adfa836505287f00ead93ce
b4455c7e4210d04524b7c05dae4abd1dfb207d64fb806d5d30183312afa6c50f
b65bd6996a2fe6c5c5622a03910a55eef275655c140eb64a363dcc14e9e17cee
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5011dd07dbc43af719c8a7defbed66ff84bc35da2107472c3d65968f226d3a
bbb0f652552de01ea802382d7b5d145cbee35857ab427607510d3fea83dadbd9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdcd0d4b30f43dc84bcc16b2fcc0adc23c7447e16e7333fdfa3cb7c6d5fd7319
c08592fdd12a80535dd739321c6c7e5ba034e4484fa3e94af31d08a594c8c23b
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c627153c9cb78d7447539e7d75ed6e85225424e5d0a60959a51d49f2d0f20f1b
c65c54974309992e6f33994a0de840445d81fa80c6f0767ea4b6aa46a70f1056
c6a9da4bfc81cfd8dc4ee9ad29798d8e77287d4898cd86bbca8afd93b5d807c8
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cd22c354039ec6a21aee9483944052ce2887afdd91ff28ab1c257323e1454f83
cdcb9c977cb01337a4497c07e262fe3a7472231c89efcaa33ca574ec730aacaf
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3c91685b0e9e0d8c0c5175a21c349e0b66da7d9a67d8c0d31825d1851b988fe
d63f0425aaa386dd654c12a24af4bc9ad53152c31f032ace7d80c9c7150b041d
d69796692b3f5728b0c446c2cca56183413b6308d4bca6ef0b338f4d58642492
d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d824ed7e3c2729727887aac13c322e48fc3d7d6f8cf04c811119bed64613843d
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
daed79a07df2a02cbbd450e3027e55f605638911922c030be598acf47c97aa36
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27
e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a
e2f593a70e96ce43902c23e6b15b42b2b2222f98ffd06a3dbe58be0324270887
e3035f4da137318c8ab24443847c53184aa239f7ae069dc2659eb9aaf8e4a4fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e71f0899f5341e2da555c00868289b87f58f570b7709b9f671c1fda9407f2763
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e9798fc4c7ff476555c03664d50915973981718170a86a95ab1fbc2c9faf3255
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb5103d393fd3f1ac2aff5e8357c6fce538959568f866351501976877e55943e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f011bab6555ffd64e70fdf76e8bfde14de2a7388c96b17a57a880903875fbb89
f0d3deb205cde7ee7d4f0b30b680b2f56194151f6d2ff84961675b69cf2d3042
f32878e13dfff4c489fcf09eca30848ce4e117a19cf9fe4046d241e9a96015ef
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f3e04f8f77882cebcc508ab28d2b6e94c11d8b1d017d3f8922c5b2664270f03a
f3fae687b8a9efd72c3b11debad140434210a5b0d72a67d2a156be17421d52e0
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f82ff3024bce5fead7bd9619f5a31360dd32797b26d2be7c33226cdd22688cd3
fb03a01f43c31173ceb6d6378595d4558ec77c915232c73e9e4e3a6f6ea7b2eb
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48
fb69e9b5855c15185db603068a44a2c1d64dbb66c09c5a3b1fb8bae82234a2d2
fb6fa007a49268170bf0ced434ebff9279787e4e1d18f9d927fb27e9f1fb435b
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
fdf4f4ddae375313291c3eedd801f3ca958722b9deac2b73824ef92f08571999
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876