consumidoremdia.site Open in urlscan Pro
2a02:4780:13:1297:0:343e:2074:8  Public Scan

71 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response consumidoremdia.site/	215 KB 62 KB	675ms 228ms	Document text/html	2a02:4780:13:1297:0:343e:2074:8 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://consumidoremdia.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:1297:0:343e:2074:8 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/8.1.27 Resource Hash 45d2ffe1d77893d15fddf3b67ad42ef0045d936685694f8a8744d318c345bb94 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 08 Jun 2024 00:40:51 GMT expires Thu, 19 Nov 1981 08:52:00 GMT platform hostinger pragma no-cache server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.1.27
GET H3	200	style.min.css seudireito.proteste.org.br/wp-includes/css/dist/block-library/	93 KB 12 KB	79ms 39ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:37:48 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3fc-172a9" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a5f9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	classic-themes.min.css seudireito.proteste.org.br/wp-includes/css/	217 B 417 B	89ms 49ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-includes/css/classic-themes.min.css?ver=1 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:37:48 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3fc-d9" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a599f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	main.css seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/chained-quiz/css/	317 B 407 B	90ms 50ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/chained-quiz/css/main.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b6dc0f0f83947b169e1f69d230d2a50d1c4b6284652512f19ea333d308d882b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 26635 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare etag W/"6655eb1d-13d" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a609f8d-AMS expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	styles.css seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/	2 KB 1 KB	91ms 52ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdc0fd7143ae2fdb4856522ca1311ffb7184b74051768256388bf5f2b8a2f256 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 32859 cf-polished origSize=2296 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare etag W/"6655eb1d-8f8" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a619f8d-AMS expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	screen.min.css seudireito.proteste.org.br/wp-content/plugins/easy-table-of-contents/assets/css/	5 KB 2 KB	94ms 54ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.43 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:36:33 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3b1-15f8" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a629f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	dependencies.css seudireito.proteste.org.br/wp-content/cache/background-css/seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/themes/proteste/assets/css/	3 KB 1 KB	333ms 293ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/background-css/seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/themes/proteste/assets/css/dependencies.css?ver=1716906781&wpr_t=1717260558 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21ae1b308fe151d55149e82956b14ef031db254c06c1598abefc6a26e1e33fd8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 05 Jun 2024 19:35:57 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"6660be1d-c8b" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a639f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	style.css seudireito.proteste.org.br/wp-content/cache/background-css/seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/themes/proteste/assets/css/	462 KB 61 KB	557ms 517ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/background-css/seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/themes/proteste/assets/css/style.css?ver=1716906781&wpr_t=1717260558 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe41086a56a364fbe4f4ab1cf34642e47cf8454b4e87815b66b3ecdccd59fbdb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 05 Jun 2024 19:35:59 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"6660be1f-73994" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a649f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	select2.min.css seudireito.proteste.org.br/wp-content/cache/min/1/npm/select2@4.1.0-rc.0/dist/css/	16 KB 2 KB	95ms 55ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/npm/select2@4.1.0-rc.0/dist/css/select2.min.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8106b6394f3712997ff17024f6f1a84be753ac572d5b8e21546c8396523acb71 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"6655eb1d-3f51" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a669f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	magnific-popup.min.css seudireito.proteste.org.br/wp-content/cache/min/1/ajax/libs/magnific-popup.js/1.1.0/	5 KB 2 KB	95ms 55ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a54f77f385c8414757b3127486c893cb23382c54085bd0402dba8c985278edc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"6655eb1d-1482" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a679f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	cs-view.css seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/comparadorsupermercados/app/assets/css/	4 KB 1 KB	76ms 35ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/comparadorsupermercados/app/assets/css/cs-view.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d80bf56117cbecdc75032a71b070fb23dea4f0f529bb70d3cc53f3accb51fd2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 26635 cf-polished origSize=4372 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare etag W/"6655eb1d-1114" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a689f8d-AMS expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	gdpr-main-nf.css seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/	80 KB 9 KB	77ms 37ms	Stylesheet text/css	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main-nf.css?ver=1716906781 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69b1f951c07ce2839a40adc4f83fc11de9211d4b39d322361f8ecb02ea31a1fb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 26635 cf-polished origSize=82009 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 28 May 2024 14:33:01 GMT server cloudflare etag W/"6655eb1d-14059" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cf-ray 8904d53f0a699f8d-AMS expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery.min.js Show response seudireito.proteste.org.br/wp-includes/js/jquery/	88 KB 31 KB	35ms 35ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:37:48 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3fc-15e54" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d540dbae9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery-migrate.min.js Show response seudireito.proteste.org.br/wp-includes/js/jquery/	11 KB 4 KB	34ms 34ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 14 Jan 2022 12:53:40 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"61e17254-2bd8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d5412bde9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery.validate.min.js Show response seudireito.proteste.org.br/wp-content/plugins/tsb-cotacao/	23 KB 8 KB	30ms 30ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/plugins/tsb-cotacao/jquery.validate.min.js?ver=6.1.1 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 24 Jun 2022 11:26:46 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"62b59f76-5add" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d5416c0c9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	seudireito-logo.png.webp seudireito.proteste.org.br/wp-content/uploads/2023/04/	1 KB 2 KB	32ms 31ms	Image image/webp	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/uploads/2023/04/seudireito-logo.png.webp Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d04653e065e98639474410806b3d46756e800844a8850533a5ac546c0855f6b2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 26634 alt-svc h3=":443"; ma=86400 content-length 1388 last-modified Mon, 10 Apr 2023 13:57:05 GMT server cloudflare etag "643415b1-56c" vary Accept-Encoding content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8904d53f4aa39f8d-AMS expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery.form.min.js Show response seudireito.proteste.org.br/wp-includes/js/jquery/	16 KB 6 KB	34ms 33ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd947fc70043b66e61cf4aa9ccb2c0472e7ca8898879239c62b51582161c266c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:37:48 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3fc-3e69" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d5419c369f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery.magnific-popup.min.js Show response seudireito.proteste.org.br/wp-content/cache/min/1/ajax/libs/magnific-popup.js/1.1.0/	20 KB 7 KB	35ms 35ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/cache/min/1/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=1716906782 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 467c4e20118b900d120daea047065971c5848d445c264b2ccceb11bf63196349 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 May 2024 14:33:02 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"6655eb1e-4ef7" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d541dc529f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H3	200	jquery.sticky-kit.min.js Show response seudireito.proteste.org.br/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/	3 KB 1 KB	29ms 29ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Mon, 23 Jan 2023 18:36:33 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"63ced3b1-b5b" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d5420c739f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H2	200	4afbea22-49c6-49c4-427a-08dc6ebc3c35 Show response tags.premiumads.com.br/dfp/	89 KB 30 KB	84ms 25ms	Script text/javascript	2606:4700:20::681a:f79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.premiumads.com.br/dfp/4afbea22-49c6-49c4-427a-08dc6ebc3c35 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash db4837171e596fff1284b3c8b7a08f654c65a2474550007c3a9947ff6b027e03 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 x-powered-by ASP.NET request-context appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107 cf-bgj minify last-modified Wed, 05 Jun 2024 15:14:44 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjB0ho71SEXtr4%2FnFCDls%2FhT%2BVZSwX1vheL3hEM88Ns97BmEPC8EWfXtOh2lfAvXfgsAZubfiiT897mWl1IHsjKEustzosY%2BDwPzwBfmmU%2BLfwQYNfgruaTFBNxAj93G8Ar56qzL4UNTmTlBaPczpl9hPr4%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=3600 cf-ray 8904d5429ae46621-AMS
GET H3	200	lazyload.min.js Show response seudireito.proteste.org.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/	9 KB 3 KB	28ms 28ms	Script application/javascript	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 22 Nov 2023 12:19:19 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 26635 etag W/"655df1c7-22bc" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 8904d5426caf9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:52 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	39ms 18ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: seudireito.proteste.org.br URL: https://seudireito.proteste.org.br/wp-content/cache/background-css/seudireito.proteste.org.br/wp-content/cache/min/1/wp-content/themes/proteste/assets/css/style.css?ver=1716906781&wpr_t=1717260558 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 08 Jun 2024 00:40:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 08 Jun 2024 00:40:52 GMT
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 22aba74c10786847e4d935f8630dadfdc7ed93440a67e6b3472e52193e910433 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 33ce08b5f79248e1887e156e73c3d0843fcbe289c008cf1044b9511183d7eb25 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	66 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13709eb92cc8d30ddca86cac6a763b4e40a4a5d6a338ce79e4220d91fe24c36a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0b290c16017abe52995ed6ef10dc1f9b3cc9a24b4344a19603f2b86f6c68383d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07e268b167915a09fc8211e44352718270077b01e742bbe579c59c99e2ef65d4 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 31dd65b080ad82a3ccbc123dc49c8f4733a38cb8d1ab66e3a8fbe6a13b7f8c60 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b08649747b26a09eec08f02a58d8ee49e90e9762bbfbf7bec7c8afcc69bdc0f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b90b68f8428cf78db12040616b5d1a71fed4f673b464ebf8e8f5f89385cdcef Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	66 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89a40c3b790e1ee918eee58bccc44b335a8345537fd01929813f2eb6007bb83f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	305 KB 76 KB	78ms 14ms	Script application/javascript	108.138.32.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/dfp/4afbea22-49c6-49c4-427a-08dc6ebc3c35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.32.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-32-75.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:00:56 GMT content-encoding gzip via 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront) last-modified Tue, 28 May 2024 21:30:42 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, MUC50-P2 age 2398 x-amz-server-side-encryption AES256 etag W/"7e37c61c24c4f874b286570f1eebc0ea" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id ZuWBpo6P1O0FutLfgx-tVHiYx9mG3jjTKsmdfH7BEwcnDSuF-PBGwA==
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	95 KB 30 KB	36ms 20ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/dfp/4afbea22-49c6-49c4-427a-08dc6ebc3c35 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96ff80de58d881daba65ea88dbcb703650b6dcb4a9cc307b749f9966e3fdaa7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30682 x-xss-protection 0 server cafe etag 776 / 19882 / 31084373 / config-hash: 14353985682650205947 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 08 Jun 2024 00:40:52 GMT
GET H2	200	pbjs-min.js Show response tags.premiumads.com.br/scripts/	396 KB 167 KB	21ms 20ms	Script text/javascript	2606:4700:20::681a:f79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/dfp/4afbea22-49c6-49c4-427a-08dc6ebc3c35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 324f7bd07bcddcd1d98aafa83a11d06cdf000049a0b085ef05b81dee4e66c1e0 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT content-encoding gzip strict-transport-security max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 1857862 x-powered-by ASP.NET request-context appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107 last-modified Fri, 10 May 2024 05:36:44 GMT server cloudflare etag "1daa29c0ac4d06d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otcvupgQouwgGwkPefe0VbFp%2BJ79Eu2PGnuLq5QO5wlV6tCBYU3FNeWFY4D1ezeaM%2B46kQfT5MeW8TR2k%2BOhxjtdiabFL4jEZmD1ljtj%2B7JQLhK2WpGHdCnliKyMLvucaTE9LqpAmrfP6R%2FS7U2D9Frnp1g%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control public, max-age=31536000 cf-ray 8904d5432b346621-AMS
GET H2	200	p_icons_3.png tags.premiumads.com.br/Content/	12 KB 12 KB	31ms 31ms	Image image/png	2606:4700:20::681a:f79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tags.premiumads.com.br/Content/p_icons_3.png Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://consumidoremdia.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=2592000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2106253 x-powered-by ASP.NET content-length 12013 request-context appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107 last-modified Fri, 10 May 2024 05:20:38 GMT server cloudflare etag "1daa299cafb39ed" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNxNmlZXdpQjGSVFY9GEwxY8WcoJi50eawlrvWOnHDT8Zm4Q%2FTlEd70tYrpSO9WEO9UB6Ht4M6ZcPDsszHqQX7Dh5hgBbtPPeTgek7Le%2BExyMGv8kL3PVJaVrf0dypuQVa02lvJ8oe5PkzZlmzcM%2B64Szf4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8904d5432b386621-AMS
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	radar-proteste-logo-small.png.webp seudireito.proteste.org.br/wp-content/uploads/2023/04/	2 KB 3 KB	32ms 31ms	Image image/webp	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/uploads/2023/04/radar-proteste-logo-small.png.webp Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 983407a1c8066a571af14e2d00751e4e0b4b3b49e8a14caee2abfc4bbbabedd9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 32859 alt-svc h3=":443"; ma=86400 content-length 2322 last-modified Mon, 10 Apr 2023 13:57:05 GMT server cloudflare etag "643415b1-912" vary Accept-Encoding content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8904d5433d669f8d-AMS expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	search-2.svg seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/	638 B 607 B	324ms 323ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/search-2.svg?1717271356 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c8f058052cfd080d7a9288241707d93bb50e788467f8d0f76d320afb9898dc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Aug 2020 16:58:34 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"5f3ab73a-27e" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5433d689f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	acessibilidade-font-2.svg seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/	480 B 552 B	320ms 319ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/acessibilidade-font-2.svg?1717271356 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b46dd5766b19c0c7c522b96fc7b5fe3479710ef00e9446a85382b2c7462ff137 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Mon, 17 Aug 2020 16:58:35 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"5f3ab73b-1e0" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5433d699f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	acessibilidade-contraste-2.svg seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/	786 B 673 B	318ms 317ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/acessibilidade-contraste-2.svg?1717271356 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22ccab50367d691f129c4c0ef6a9e27040de3de278f64342c7513dbd8fca7e5a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Aug 2020 16:58:36 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"5f3ab73c-312" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5433d6a9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	facebook-white.svg seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/	441 B 1 KB	321ms 320ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/facebook-white.svg?1717271356 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 345f89b7ea7a2bc040c729498705a42a5bdd6231f74115310c5bdd3411d01455 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=15552000; includeSubDomains; preload content-security-policy-report-only script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=WSsU6HVtJnlTXsXeyjIZm6oHJztmpzUxxTS0mcM8qu8-1717807253-1.0.1.1-HpGAeHWDWRQHxUoJiv5XoaG0YjNkIUIs.r2I8z4WlzKHn6SC9CySQ2juwAVxnxEaTK2knXJ7oYNRxE0fmW7Y6IHZ.FdMf1mxdm1NX8erlOXF6Ndc8r3OhZs_4Sc87ydZAALLdSCCElTpmEuPiZt5wb2SChhfpQK1GrabBMyq6J8; report-to cf-csp-endpoint alt-svc h3=":443"; ma=86400 last-modified Mon, 17 Aug 2020 16:58:35 GMT server cloudflare etag W/"5f3ab73b-1b9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=WSsU6HVtJnlTXsXeyjIZm6oHJztmpzUxxTS0mcM8qu8-1717807253-1.0.1.1-HpGAeHWDWRQHxUoJiv5XoaG0YjNkIUIs.r2I8z4WlzKHn6SC9CySQ2juwAVxnxEaTK2knXJ7oYNRxE0fmW7Y6IHZ.FdMf1mxdm1NX8erlOXF6Ndc8r3OhZs_4Sc87ydZAALLdSCCElTpmEuPiZt5wb2SChhfpQK1GrabBMyq6J8"}],"group":"cf-csp-endpoint","max_age":86400} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5433d6b9f8d-AMS expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	twitter-white.svg seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/	825 B 721 B	272ms 272ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/themes/proteste/assets/images/svg/twitter-white.svg?1717271356 Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aa1f772bf0a2824e1b0773d532cbab4370056478ba7cbc8f6659381f6fe9551 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Aug 2020 16:58:35 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"5f3ab73b-339" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5433d6c9f8d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	youtube_white.svg.svg conectaja.proteste.org.br/wp-content/uploads/2023/04/	1 KB 838 B	66ms 30ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://conectaja.proteste.org.br/wp-content/uploads/2023/04/youtube_white.svg.svg Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b39353a4c0d851cf99803f60e8bc8d9d3f569da344f92c36309fcff8cbaee069 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 11 Apr 2023 16:29:45 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 33562 etag W/"64358af9-52e" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5436a259f88-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	linkedin-white.svg conectaja.proteste.org.br/wp-content/uploads/2023/04/	858 B 817 B	64ms 28ms	Image image/svg+xml	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://conectaja.proteste.org.br/wp-content/uploads/2023/04/linkedin-white.svg Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac91b51284d8f3d9aef2ba28d195497a20a9b1f59626af808bcce08d53b4d2ca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 20 Apr 2023 18:30:51 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 33562 etag W/"644184db-35a" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 8904d5436a249f88-AMS alt-svc h3=":443"; ma=86400 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	consumidor-conferindo-nota-fiscal-em-frente-a-carrinho-de-compras-de-supermercado.jpg.webp seudireito.proteste.org.br/wp-content/uploads/2023/07/	45 KB 45 KB	515ms 514ms	Image image/webp	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seudireito.proteste.org.br/wp-content/uploads/2023/07/consumidor-conferindo-nota-fiscal-em-frente-a-carrinho-de-compras-de-supermercado.jpg.webp Requested by Host: consumidoremdia.site URL: https://consumidoremdia.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97d68d96c791e1514fb85312030765724050ac56b18dc96bfdda866a6a28e015 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 15 Jul 2023 10:22:13 GMT server cloudflare etag "64b27355-b40a" vary Accept-Encoding content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8904d5433d6d9f8d-AMS alt-svc h3=":443"; ma=86400 content-length 46090 expires Sun, 08 Jun 2025 00:40:53 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/	459 KB 143 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 10:00:52 GMT content-encoding br x-content-type-options nosniff age 52801 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 146466 x-xss-protection 0 server cafe etag 288610800658649615 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 07 Jun 2025 10:00:52 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	68 B 76 B	30ms 15ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=consumidoremdia.site Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 32db9d499fe9c0ec4a5f89cadfcd980c0eb383edf7f852150e9f4d650ac001e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52 x-xss-protection 0 expires Sat, 08 Jun 2024 00:40:53 GMT
GET		/ id.navegg.com/uid/	0 0
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	12 KB 7 KB	200ms 180ms	Fetch application/json	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash ad53dd5fc2a006ee2c2f2ccfc9671da53ad2e34bc4d4fcabe5fde9c0e1c125ed Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip an-x-request-uuid 634c6423-2c47-4d55-b1c3-0d5006194395 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness vary Accept-Encoding p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://consumidoremdia.site cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 138.199.38.133; 138.199.38.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST		auction tlx.3lift.com/header/	0 0
POST H2	204	cdb Show response bidder.criteo.com/	0 199 B	46ms 13ms	Fetch	178.250.1.8 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=24232613575&lsavail=1 Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://consumidoremdia.site date Sat, 08 Jun 2024 00:40:52 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
POST H2	403	9151813 Show response bs.yandex.ru/prebid/	27 B 472 B	180ms 65ms	Fetch text/html	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://bs.yandex.ru/prebid/9151813?imp-id=1&target-ref=consumidoremdia.site&ssp-id=10500&ssp-cur=USD Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-security-policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip last-modified Sat, 08 Jun 2024 00:40:53 GMT x-yandex-req-id 1717807253233135-1180318019045549587400299-production-app-host-vla-pcode-337 content-type text/html; charset=windows-1251 access-control-allow-origin https://consumidoremdia.site cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true expires Sat, 08 Jun 2024 00:40:53 GMT
POST H2	403	9151813 Show response bs.yandex.ru/prebid/	27 B 1 KB	178ms 63ms	Fetch text/html	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://bs.yandex.ru/prebid/9151813?imp-id=1&target-ref=consumidoremdia.site&ssp-id=10500&ssp-cur=USD Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-security-policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip last-modified Sat, 08 Jun 2024 00:40:53 GMT x-yandex-req-id 1717807253234421-834494810087135331400296-production-app-host-vla-pcode-430 content-type text/html; charset=windows-1251 access-control-allow-origin https://consumidoremdia.site cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true expires Sat, 08 Jun 2024 00:40:53 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 417 B	29ms 8ms	Fetch application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://consumidoremdia.site p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41 alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900
GET H2	200	331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Show response config.aps.amazon-adsystem.com/configs/	563 B 840 B	46ms 12ms	Script application/javascript	108.138.36.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-117.muc50.r.cloudfront.net Software CloudFront / Resource Hash c8a7259b9044de0bfbbdd439312c751736a7ff63ec70bbd54aa081ddd0bcf7b3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 23:50:21 GMT via 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 age 3032 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 563 x-amz-cf-id ySUN-aPWEp4M8z917D76yA_fVCfYAf1EYSGijVdbBCfjPoq3KukLkw==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 306 B	115ms 115ms	XHR text/plain	108.138.32.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fconsumidoremdia.site&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.32.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-32-75.muc50.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT via 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront) server Server x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront access-control-allow-origin https://consumidoremdia.site cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id TCAFfWJZIEQAb72ZD-Z5Tlf1Txt18Ylhf5xwpN4HWuzYCAq72exfsg==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 360 B	344ms 270ms	XHR text/javascript	18.173.191.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fconsumidoremdia.site%2F&pid=cUFMZ89hm6K5m&cb=0&ws=1600x1200&v=24.521.1732&t=2500&slots=%5B%7B%22sd%22%3A%22P_SEU_DIREITO_FLEX_0%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F75894840%2C22776910974%2FSEU_DIREITO_FLEX%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%2C%7B%22sd%22%3A%22P_SEU_DIREITO_HEADERSTICKY_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F75894840%2C22776910974%2FSEU_DIREITO_HEADERSTICKY%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%5D&schain=1.0%2C1%21premiumads.com.br%2Cb1497ce1-11c8-4dcd-54d5-08dc6ebc3c1c%2C1%2C%2C%2C&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.191.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-191-98.muc50.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:52 GMT via 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront) server Server x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://consumidoremdia.site access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id N0ZTfTkPIYYX8W5tkDwgvhxslMfGdfHocfScbckcbwTIbJ579HNdFA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	44ms 21ms	XHR application/javascript	108.138.32.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.32.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-32-75.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront) date Fri, 07 Jun 2024 18:14:51 GMT x-amz-cf-pop MUC50-P2 age 23163 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id A30cGhWszgtFUGfwpUdifJbUkOYsR4l0LGje1xEXaxtQQcFS1dzSrQ==
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	915 B 279 B	56ms 40ms	Fetch text/plain	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=3413680090752830&correlator=4148256328878671&eid=44809527%2C31084263%2C31084390%2C31084373%2C31078668&output=ldjh&gdfp_req=1&vrg=202406050101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=75894840%3A22776910974%2CSEU_DIREITO_FLEX%2CSEU_DIREITO_HEADERSTICKY&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=120x600%2C728x90&ifi=1&sfv=1-0-40&fsbs=1%2C1&sc=1&abxe=1&dt=1717807253470&lmt=1717807253&adxs=-135%2C15&adys=315%2C1215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fconsumidoremdia.site%2F&vis=1&psz=150x-1%7C758x-1&msz=120x-1%7C758x-1&fws=512%2C512&ohw=0%2C0&ga_vid=454673731.1717807253&ga_sid=1717807253&ga_hid=547306378&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717807252079&idt=995&prev_scp=data_type%3Dflex%26pp_loop%3D00%26pp_pb%3D0.15%26amznbid%3D2%26amznp%3D2%7Cdata_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.15%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D162a60a7267ce76%26hb_bidder%3Dappnexus&cust_params=url%3Dseudireito.proteste.org.br%26categoria%3Dhome&adks=3590923179%2C2377851845&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fb2f8514c4eaa38b7640c934001bf630de097921b305828e9d356c2922f2b5bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0 google-lineitem-id -2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://consumidoremdia.site cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 753ac097b122ef2762d1a40c949da810.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35C7	0 0	73ms 14ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://753ac097b122ef2762d1a40c949da810.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 08 Jun 2024 00:40:53 GMT expires Sat, 08 Jun 2024 00:40:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	26ms 25ms	XHR application/json	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406050101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b859cf75484016d9c2e900a595c330cae54e80fcd575280ac7ca2f0482db65c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12704 x-xss-protection 0
GET H3	200	favicon16.png.webp seudireito.proteste.org.br/wp-content/uploads/2023/04/	478 B 721 B	29ms 29ms	Other image/webp	2606:4700::6812:b15a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seudireito.proteste.org.br/wp-content/uploads/2023/04/favicon16.png.webp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:b15a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9504e7c07b4e02e0ec19ca6c7b58449496aa082876653ad8c1c77d704f954d7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 32520 alt-svc h3=":443"; ma=86400 content-length 478 last-modified Mon, 10 Apr 2023 14:02:07 GMT server cloudflare etag "643416df-1de" vary Accept-Encoding content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8904d546d88a9f8d-AMS expires Sun, 08 Jun 2025 00:40:53 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	44ms 18ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 08 Jun 2024 00:40:53 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5705	0 0	25ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 9838 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 07 Jun 2024 21:56:55 GMT expires Sat, 07 Jun 2025 21:56:55 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 359 B	53ms 52ms	XHR text/javascript	18.173.191.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fconsumidoremdia.site%2F&pid=cUFMZ89hm6K5m&cb=1&ws=1600x1200&v=24.521.1732&t=2500&slots=%5B%7B%22sd%22%3A%22P_SEU_DIREITO_FLEX_0%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F75894840%2C22776910974%2FSEU_DIREITO_FLEX%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%5D&schain=1.0%2C1%21premiumads.com.br%2Cb1497ce1-11c8-4dcd-54d5-08dc6ebc3c1c%2C1%2C%2C%2C&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.191.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-191-98.muc50.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:54 GMT via 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront) server Server x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://consumidoremdia.site access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id MKpw5lDZWL6rr7L55LwTSpWmxcC6-sNmRVZeI_9uekhfw8i8Z2HTww==
POST H2	204	cdb Show response bidder.criteo.com/	0 198 B	13ms 13ms	Fetch	178.250.1.8 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=71858478605&lsavail=1 Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://consumidoremdia.site date Sat, 08 Jun 2024 00:40:54 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	96ms 95ms	Fetch application/json	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 119484c9dea3e4e12ae5a3dac6f3584dce50d4ae16bbc0f1124f58b27c0529cf Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Sat, 08 Jun 2024 00:40:54 GMT an-x-request-uuid 0713b606-6006-4341-b43e-922a32dbec62 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://consumidoremdia.site cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 138.199.38.133; 138.199.38.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 145 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 416 B	8ms 7ms	Fetch application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://consumidoremdia.site p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41 alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900
POST H2	403	9151813 Show response bs.yandex.ru/prebid/	27 B 202 B	68ms 67ms	Fetch text/html	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://bs.yandex.ru/prebid/9151813?imp-id=1&target-ref=consumidoremdia.site&ssp-id=10500&ssp-cur=USD Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-security-policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= date Sat, 08 Jun 2024 00:40:54 GMT content-encoding gzip last-modified Sat, 08 Jun 2024 00:40:54 GMT x-yandex-req-id 1717807254575514-1687536084709472346600375-production-app-host-sas-pcode-102 content-type text/html; charset=windows-1251 access-control-allow-origin https://consumidoremdia.site cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true expires Sat, 08 Jun 2024 00:40:54 GMT
POST		auction tlx.3lift.com/header/	0 0
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 361 B	50ms 49ms	XHR text/javascript	18.173.191.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fconsumidoremdia.site%2F&pid=cUFMZ89hm6K5m&cb=2&ws=1600x1200&v=24.521.1732&t=2500&slots=%5B%7B%22sd%22%3A%22P_SEU_DIREITO_HEADERSTICKY_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F75894840%2C22776910974%2FSEU_DIREITO_HEADERSTICKY%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A3%7D%5D&schain=1.0%2C1%21premiumads.com.br%2Cb1497ce1-11c8-4dcd-54d5-08dc6ebc3c1c%2C1%2C%2C%2C&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.191.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-191-98.muc50.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:54 GMT via 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront) server Server x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://consumidoremdia.site access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id BRz7MMnLN39AZezTZU5KD0hqI4kPeYCgB5ZHTjynAmhSJZbWXakeKQ==
POST H2	403	9151813 Show response bs.yandex.ru/prebid/	27 B 133 B	64ms 64ms	Fetch text/html	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://bs.yandex.ru/prebid/9151813?imp-id=1&target-ref=consumidoremdia.site&ssp-id=10500&ssp-cur=USD Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-security-policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform= date Sat, 08 Jun 2024 00:40:54 GMT content-encoding gzip last-modified Sat, 08 Jun 2024 00:40:54 GMT x-yandex-req-id 1717807254579186-1364873219661539233700256-production-app-host-vla-pcode-173 content-type text/html; charset=windows-1251 access-control-allow-origin https://consumidoremdia.site cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true expires Sat, 08 Jun 2024 00:40:54 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	13 KB 7 KB	229ms 229ms	Fetch application/json	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 80cb8bf99086e6685dfba4b4942131940a64767bf1cccda291acf7365ae5c112 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Sat, 08 Jun 2024 00:40:54 GMT content-encoding gzip an-x-request-uuid 9de999fc-a0f7-42c4-a172-8cb256961f0d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness vary Accept-Encoding p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://consumidoremdia.site cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 138.199.38.133; 138.199.38.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST		auction tlx.3lift.com/header/	0 0
POST H2	204	cdb Show response bidder.criteo.com/	0 198 B	14ms 13ms	Fetch	178.250.1.8 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=68185518001&lsavail=1 Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://consumidoremdia.site date Sat, 08 Jun 2024 00:40:54 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 416 B	11ms 10ms	Fetch application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 content-type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://consumidoremdia.site p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41 alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	411 B 173 B	33ms 33ms	Fetch text/plain	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=3413680090752830&correlator=934700651648556&eid=44809527%2C31084263%2C31084390%2C31084373%2C31078668&output=ldjh&gdfp_req=1&vrg=202406050101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=75894840%3A22776910974%2CSEU_DIREITO_FLEX&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=3&sfv=1-0-40&fsbs=1&rcs=1&eri=1&sc=1&abxe=1&dt=1717807254645&lmt=1717807254&adxs=-135&adys=315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fconsumidoremdia.site%2F&vis=1&psz=150x-1&msz=120x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=454673731.1717807253&ga_sid=1717807253&ga_hid=547306378&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717807252079&idt=995&prev_scp=data_type%3Dflex%26pp_refresh%3Dtrue%26pp_loop%3D01%26amznbid%3D2%26amznp%3D2&cust_params=url%3Dseudireito.proteste.org.br%26categoria%3Dhome&adks=3590923179&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3680b32b464ad02d6aa97dd481d97a8b7fd27986bb2a3c8d9c8e8910aeed2e22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:54 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://consumidoremdia.site cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	418 B 177 B	34ms 34ms	Fetch text/plain	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=3413680090752830&correlator=739762110375632&eid=44809527%2C31084263%2C31084390%2C31084373%2C31078668&output=ldjh&gdfp_req=1&vrg=202406050101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=75894840%3A22776910974%2CSEU_DIREITO_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&fsbs=1&rcs=1&eri=1&sc=1&abxe=1&dt=1717807254647&lmt=1717807254&adxs=15&adys=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fconsumidoremdia.site%2F&vis=1&psz=758x-1&msz=758x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=454673731.1717807253&ga_sid=1717807253&ga_hid=547306378&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717807252079&idt=995&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_refresh%3Dtrue%26pp_loop%3D01%26amznbid%3D2%26amznp%3D2&cust_params=url%3Dseudireito.proteste.org.br%26categoria%3Dhome&adks=2377851845&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dcb0ace270504cc5f4e5a586be07abe660828f23a43f0b8ca0217a5f2fbdfff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:54 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://consumidoremdia.site cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	publishertag.prebid.144.js Show response static.criteo.net/js/ld/	96 KB 31 KB	56ms 24ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.144.js Requested by Host: tags.premiumads.com.br URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20240415 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:55 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-1811e" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 09 Jun 2024 00:40:55 GMT
GET H2	200	syncframe gum.criteo.com/ Frame 883A	0 0	43ms 14ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=consumidoremdia.site Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 08 Jun 2024 00:40:55 GMT server Kestrel server-processing-duration-in-ticks 323599 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H2	200	publishertag.prebid.144.js Show response static.criteo.net/js/ld/	96 KB 0	0ms 0ms	XHR text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.144.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 00:40:55 GMT content-encoding gzip last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-1811e" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 09 Jun 2024 00:40:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

id.navegg.com

URL

https://id.navegg.com/uid/

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fconsumidoremdia.site%2F&tmax=2500

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406050101&jk=3413680090752830&bg=!AwClAE_NAAb64txl2uI7ADQBe5WfOOK2vmRbzTlU4vVsR5mYLxgjsu4DzwqiDBuabL-Azpa1aLeCmHG49iXSsOBPf-_2AgAAADFSAAAAAmgBB34ANUXCqMMg0wph5UJNwey-SL3T3roR01sP-h4-tIFFLqszFpEmkNAmVE6titHap38WiTIiMVv_mQKlcJ0DM7IsSvg14nsVeVGxaMac7sDEx7Fot5imJH1pPHEhKIE8XLWMXUDz-VqSLEvLPsRQi2CXLeqCydS17am_1MrUwAwlz2C-iTa28Tnqf2IpsuYZqgu79ywSBh95eM_zRoTSg918eBEwt3MHnAfa0InwgMxTz3ay5YikM5Rn_IuKYDlIkE2tD2kCn1w7yqdnMzThS3HVg9hI-bGBc2hz4OnZAT4R_OZa7WlqoE8EnYjtP0VQV0M6PugSf8JCXsWe6X9DG2b9GZJ9t2emaSPgmi7-v7M7Z5YqmqpVjOupDjbXThah5r6Naf3ieK5oHdsXeaWSQq4oleajXB-toVd2_PdgaNjv2-LNmoF3V2WydSc4dayPT4F0S53L6Q9zmd9R1hkH5OEsF8_WqtpmCV-PdfVDenmvNtuLBZIAjFrcnjVSU-7Gkd2ckZ9Tb5HVtNX8bHw3D87kLuhq4IePLNzQdwRYEGDX7fdl4Sq77H2Cdlpn4jJWzo3NnsVYjU6IcQgzEStNjbcpDFB6HRWqPEJlhIv4C3V8FIZg8i20avSb8_ORX6YGGczGy3K1q_lypDkJD9MHZebLoSZjHUyS1QVIIkioNdTfB4yh8mw2lMhUs8tzoRfKcikEQjyWsQMyL1JggUj4FTtbdoU1omSSm76flAvcfaQD7v7gBF2UViNvOeGRU9143GIa9-JAPSEHNzLLtsGikRGJEJJ7Co2fK81erLik8kPU9kU80qN_FzuZud3uOwdtNMY3FLaOCQI0I4dKNkiNPzzYOdcXL6l_vlETOufHTRka7_keNkfUei6oP6h0UiLYk8-mNUXHWzZonnmreIoyJ2tjkuKk8sWizPqlT9FJsrZ4KqYhUWd_tg91oNcchY73j3KmIAhE3wdjH9y8-g8V_XM

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fconsumidoremdia.site%2F&tmax=2500

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fconsumidoremdia.site%2F&tmax=2500