Submitted URL: http://seudinheiro.com/
Effective URL: https://www.seudinheiro.com/
Submission: On January 11 via api from CH — Scanned from DE

Summary

This website contacted 47 IPs in 5 countries across 32 domains to perform 219 HTTP transactions. The main IP is 2606:4700:10::6816:149c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.seudinheiro.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.
This is the only time www.seudinheiro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 22 2606:4700:10:... 13335 (CLOUDFLAR...)
8 142.250.181.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
45 2606:4700:10:... 13335 (CLOUDFLAR...)
1 143.204.98.123 16509 (AMAZON-02)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.66 15169 (GOOGLE)
2 4 143.204.98.82 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 18.66.248.64 16509 (AMAZON-02)
3 18.185.191.84 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.76 16509 (AMAZON-02)
4 89.187.169.47 60068 (CDN77 ^_^)
4 2a03:2880:f00... 32934 (FACEBOOK)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 143.204.98.33 16509 (AMAZON-02)
1 143.204.98.70 16509 (AMAZON-02)
1 143.204.98.69 16509 (AMAZON-02)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:401... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 1 3.248.66.137 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
4 5 142.250.185.194 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.173.62 29990 (ASN-APPNEX)
11 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
1 213.202.235.8 24961 (MYLOC-AS ...)
1 2 34.247.1.155 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
2 2606:4700::68... 13335 (CLOUDFLAR...)
219 47
Apex Domain
Subdomains
Transfer
67 seudinheiro.com
seudinheiro.com — Cisco Umbrella Rank: 758611
www.seudinheiro.com
assets.seudinheiro.com
media.seudinheiro.com
vip.seudinheiro.com
1 MB
29 googlesyndication.com
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
202 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
219 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
253 KB
11 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 19113
usr.navdmp.com — Cisco Umbrella Rank: 21604
cdn.navdmp.com — Cisco Umbrella Rank: 4505
sync2.navdmp.com — Cisco Umbrella Rank: 33958
sync.navdmp.com — Cisco Umbrella Rank: 7210
opi.navdmp.com — Cisco Umbrella Rank: 328482
7 KB
10 moneytimes.com.br
media.moneytimes.com.br — Cisco Umbrella Rank: 925388
466 KB
10 tradingview.com
s3.tradingview.com — Cisco Umbrella Rank: 17070
s.tradingview.com — Cisco Umbrella Rank: 20884
456 KB
7 google.com
ampcid.google.com — Cisco Umbrella Rank: 1586
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
107 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
77 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2844
onesignal.com — Cisco Umbrella Rank: 1221
83 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
724 B
4 omappapi.com
api.omappapi.com — Cisco Umbrella Rank: 4964
a.omappapi.com — Cisco Umbrella Rank: 5311
49 KB
4 google.de
ampcid.google.de — Cisco Umbrella Rank: 45749
adservice.google.de — Cisco Umbrella Rank: 8579
www.google.de — Cisco Umbrella Rank: 6151
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
197 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 124
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
111 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 857
65 KB
3 manychat.com
widget.manychat.com — Cisco Umbrella Rank: 29323
manychat.com — Cisco Umbrella Rank: 26736
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 demdex.net
skydeutschland.demdex.net — Cisco Umbrella Rank: 118976
2 KB
2 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 553
static.adsafeprotected.com — Cisco Umbrella Rank: 526
688 B
2 gstatic.com
fonts.gstatic.com
47 KB
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 775
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1039
610 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
22 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10719
1 KB
1 mccdn.me
mccdn.me — Cisco Umbrella Rank: 30337
94 KB
1 optmnstr.com
a.optmnstr.com — Cisco Umbrella Rank: 16214
56 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
15 KB
219 32
Domain Requested by
37 assets.seudinheiro.com www.seudinheiro.com
assets.seudinheiro.com
17 www.seudinheiro.com www.seudinheiro.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
13 pagead2.googlesyndication.com 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
11 s0.2mdn.net www.seudinheiro.com
s0.2mdn.net
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
10 media.moneytimes.com.br www.seudinheiro.com
10 media.seudinheiro.com www.seudinheiro.com
9 s.tradingview.com s3.tradingview.com
s.tradingview.com
8 securepubads.g.doubleclick.net www.seudinheiro.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 www.googletagmanager.com www.seudinheiro.com
s.tradingview.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
5 www.google.com www.seudinheiro.com
securepubads.g.doubleclick.net
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 www.facebook.com www.seudinheiro.com
4 connect.facebook.net www.seudinheiro.com
connect.facebook.net
4 sb.scorecardresearch.com 2 redirects www.seudinheiro.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com securepubads.g.doubleclick.net
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
3 googleads.g.doubleclick.net www.googleadservices.com
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
www.seudinheiro.com
3 a.omappapi.com a.optmnstr.com
3 onesignal.com cdn.onesignal.com
3 tag.navdmp.com www.seudinheiro.com
tag.navdmp.com
3 fonts.googleapis.com www.seudinheiro.com
client
2 opi.navdmp.com tag.navdmp.com
2 cdn.navdmp.com tag.navdmp.com
2 skydeutschland.demdex.net 1 redirects 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net www.seudinheiro.com
2 www.google.de www.seudinheiro.com
2 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 manychat.com mccdn.me
2 usr.navdmp.com tag.navdmp.com
2 cdn.onesignal.com www.googletagmanager.com
cdn.onesignal.com
2 fonts.gstatic.com fonts.googleapis.com
2 seudinheiro.com 2 redirects
1 cms.analytics.yahoo.com www.seudinheiro.com
1 sync.navdmp.com www.seudinheiro.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com www.seudinheiro.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 m.exactag.com 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
1 static.adsafeprotected.com 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
1 pixel.adsafeprotected.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 vars.hotjar.com static.hotjar.com
1 api.omappapi.com a.optmnstr.com
1 script.hotjar.com static.hotjar.com
1 ampcid.google.de www.google-analytics.com
1 mccdn.me widget.manychat.com
1 ampcid.google.com www.google-analytics.com
1 a.optmnstr.com www.googletagmanager.com
1 static.hotjar.com www.seudinheiro.com
1 widget.manychat.com www.googletagmanager.com
1 vip.seudinheiro.com assets.seudinheiro.com
1 www.googleadservices.com www.googletagmanager.com
1 s3.tradingview.com www.seudinheiro.com
219 58
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-14 -
2022-06-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.tradingview.com
Amazon
2021-03-11 -
2022-04-09
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
widget.manychat.com
Sectigo ECC Domain Validation Secure Server CA
2021-03-18 -
2022-04-18
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
a.optmnstr.com
R3
2022-01-08 -
2022-04-08
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-20 -
2022-01-18
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
mccdn.me
Cloudflare Inc ECC CA-3
2021-05-31 -
2022-05-30
a year crt.sh
*.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
api.opmnstr.com
Amazon
2021-03-11 -
2022-04-09
a year crt.sh
a.omappapi.com
R3
2022-01-08 -
2022-04-08
3 months crt.sh
manychat.com
Sectigo ECC Domain Validation Secure Server CA
2021-05-03 -
2022-06-02
a year crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2021-08-16 -
2022-09-14
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-19 -
2022-04-13
6 months crt.sh

This page contains 14 frames:

Primary Page: https://www.seudinheiro.com/
Frame ID: EDA2E8CAF2BB2CA0E3D4446771533BD7
Requests: 141 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Frame ID: 52C876C285C6166A84B4AD14AB1C3F2D
Requests: 16 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: BBFAA31DB61E92CBCA2072A9BE9806EB
Requests: 1 HTTP requests in this frame

Frame: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8B186D30163BBCBE98D33C59BF748355
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 94E86BE7AE8001637E25EDBBEC816CB9
Requests: 1 HTTP requests in this frame

Frame: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F3901E626ACC81AF08B29F6B669D87A
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJr_iXU8UhTI1Tx6SfjiKZ8Kmx8SQlFz3YM-w4nM4tZAfrC8U_5itKAex1cr89BisEVvBIRy6eLATynbjzQpZwo5WD6qqxC-93R-AAfXt4QFqQHlSZSiQS-utltlAqhtxgKR5PrtyTJe7d9W8VkVvIDr3iaoosZ-mz2raz6uzELBqkMj6ymDvLyVUQDOP0oO3vrRzmxph6uJZvIZr_kWCfhkFYghv_uC0B1Qti83AQIjmwfGgAIZCWUSoIQ_aFjRaCjnavg9lgtso1TDOyQ2tJqeSvMwY1soY3LozOY4uYr9kSqk2f5caFFQ&sai=AMfl-YRzcoxthVD1hwNQnH40NPx5UJRp1j5GUmLsm3nzZ60F1mVKhXaw2bfb0wR70WDOgyW2eGgD0zsWOlG_SnE6HNpmPMMfrHO60cfZra9K5Ic_9HLx8rqxnUI6veTJdGI&sig=Cg0ArKJSzI9rYNUhWoS-EAE&uach_m=[UACH]&adurl=
Frame ID: 8DC09B901A548D1BE56F5EE50C3592CE
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9u91cDSs35FMMKCkd-bBNVYiyGS9DOKjwO5jQG-qbCfC5bnbmGpGr-2gkJKjQoR6b97T55foevbU2yygfNGCwQSDsKtBmELixp13ncTjnlq7MsJEImqvsjN2RPrijzrDnS93-It_DfyZNXoWu-aIPDF1eanbV6B7zZBIbQVivf1mZB4MWR87V0glgROh6eM4DEvNwUYRCystJCOqXGFnhgMnjUktRx5gvrbp9ov-zO6umovV96DtP6JObG3ziNi5qqai6izt56uEU2GOod1IqDtVEVjFPHJamjvmS-PKCda_Lb_1xmOec&sai=AMfl-YSRCT9mwfbmmLdRYz3A0muEPPeNhWKkSdzrcnS7Qom027QGWKQNvhw65xDMGBdb9lFSngsSyDew_-phTpblvilDMB1KcEzcdxiZxbSfsINrL7DFeN77YNcGhKKEr-4&sig=Cg0ArKJSzMWMLbH0abRQEAE&uach_m=[UACH]&adurl=
Frame ID: 3B15421DE40990343BB1C59852A274C4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Frame ID: F12CC5C442267C998D5465462D94537C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
Frame ID: 8774DAC94A278022396072BDB015108E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 26AC27915C3821589E6E9FCEEC557B9D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Frame ID: 7DB0B8DACCC59D682E485AEA8CF5FE3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 75E5520548F34467E21693C34803DDBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81B874011F28EE030E3D2CEFF0465888
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Seu Dinheiro - Invista com Inteligência

Page URL History Show full URLs

  1. http://seudinheiro.com/ HTTP 301
    https://seudinheiro.com/ HTTP 301
    https://www.seudinheiro.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • widget\.manychat\.com

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

219
Requests

95 %
HTTPS

58 %
IPv6

32
Domains

58
Subdomains

47
IPs

5
Countries

3789 kB
Transfer

8746 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://seudinheiro.com/ HTTP 301
    https://seudinheiro.com/ HTTP 301
    https://www.seudinheiro.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://sb.scorecardresearch.com/b?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9=
Request Chain 162
  • https://pixel.adsafeprotected.com/rfw/st/907318/59567102/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1&C=1
Request Chain 168
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd2wXTmZTFtMhyVeKcRV5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELtB2n2nu0xZGXB6523pu8o&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJLgY28COfddy-BmvKTMLvY&google_cver=1
Request Chain 170
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2Nzk5OTU0NDE0MDkzNTc1
Request Chain 178
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr_consent= HTTP 302
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=68856999457 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=68856999457&google_gid=CAESED9HtnWO7YYEWZDgtBEoPqk&google_cver=1
Request Chain 186
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=3c0661dd-b05c-4800-a326-1e96b125a019
Request Chain 211
  • https://sb.scorecardresearch.com/c2/32345291/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

219 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.seudinheiro.com/
Redirect Chain
  • http://seudinheiro.com/
  • https://seudinheiro.com/
  • https://www.seudinheiro.com/
510 KB
66 KB
Document
General
Full URL
https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef896a57ca89ed39ab355b2218bf2c712e3dc17cc93255c2ffe8279c3e53d5dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 11 Jan 2022 16:29:08 GMT
content-type
text/html; charset=UTF-8
cf-ray
6cbf85afd8bc4ee0-FRA
cache-control
public, max-age=14400
last-modified
Tue, 11 Jan 2022 16:27:54 GMT
link
<https://www.seudinheiro.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
via
1.1 varnish
cf-cache-status
EXPIRED
cf-apo-via
origin,miss
cf-edge-cache
cache,platform=wordpress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-action
HIT
x-cache-hits
5
x-cache-vs
2
x-cacheable
YES
x-varnish
263217619 263217375
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 11 Jan 2022 16:29:08 GMT
content-length
0
location
https://www.seudinheiro.com/
cf-ray
6cbf85ae1cd14ee0-FRA
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-id-2
e7JG/X0HD0TN54pdojAbx0WWGY5QsN93C0zymmQmdMh5vbYAkG4Gi4fW4/dGp0nk5l9kZV3h4Ms=
x-amz-request-id
VGTD99BP9XKZ1SR9
vary
Accept-Encoding
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
sffe /
Resource Hash
2925dd157f5d88937d72985a22604c28692380777b45aaf9723fef3e75af5902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26866
x-xss-protection
0
server
sffe
etag
"1098 / 229 of 1000 / last-modified: 1641893998"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Jan 2022 16:29:09 GMT
css2
fonts.googleapis.com/
4 KB
660 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,900;1,400&display=swap
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7e88254d5205e19c94d41585239fafd00d9f86d09f255dbfb25b89c143c7360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 16:29:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 Jan 2022 16:29:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jan 2022 16:29:08 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0304a54cfca254a0819392b7706f5e3ed053b7b0296a215045bc434ef0dd7c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 16:11:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 Jan 2022 16:29:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jan 2022 16:29:08 GMT
gtm.js
www.googletagmanager.com/
208 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1725ebaf6070b66081e4f2e7a8646229c5661322f98c62bead698469ab9e256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72364
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jan 2022 16:29:10 GMT
sgr.css
assets.seudinheiro.com/app/mu-plugins/simple-google-recaptcha/
132 B
191 B
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/mu-plugins/simple-google-recaptcha/sgr.css?ver=1641433328
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb34bdc6db07472e47875d30aa8503e7d6d3b0614504342d885214ed15ae333

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:16:01 GMT
cache-control
max-age=86400
cf-polished
origSize=180
cf-ray
6cbf85b2bebe4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
style.min.css
assets.seudinheiro.com/wp/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://assets.seudinheiro.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-e33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6cbf85b2bebc4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:16:01 GMT
ms-style.css
assets.seudinheiro.com/app/plugins/makestories-helper/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/plugins/makestories-helper/assets/css/ms-style.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f84cc454a8d5078c82e35f92d342b2d43e10775343497ebb78f8b8f04d0f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-153a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:16:01 GMT
cache-control
max-age=86400
cf-polished
origSize=5434
cf-ray
6cbf85b2beba4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
slick-theme.css
assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/
2 KB
782 B
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/slick-theme.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-c49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:16:01 GMT
cache-control
max-age=86400
cf-polished
origSize=3145
cf-ray
6cbf85b2bebd4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
slick.css
assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/
1 KB
622 B
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/slick.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-6f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:16:01 GMT
cache-control
max-age=86400
cf-polished
origSize=1776
cf-ray
6cbf85b2bec14ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
jquery.fancybox.min.css
assets.seudinheiro.com/app/themes/seudinheiro/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/css/jquery.fancybox.min.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5abd97d8cc264231d8f5fd45ac7402480dcc55e9682dd853f5c594be4c6051

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-3646"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
6cbf85b37ffe4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:09 GMT
flickity.css
assets.seudinheiro.com/app/themes/seudinheiro/css/
2 KB
686 B
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/css/flickity.css?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e8062496fd97c16757e9991fb13eab674a938d9893a24a6e5689aa161f1441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:29:09 GMT
cache-control
public, max-age=86400
cf-polished
origSize=1797
cf-ray
6cbf85b37fff4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
style.css
assets.seudinheiro.com/app/themes/seudinheiro/
52 KB
11 KB
Stylesheet
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932d46a9ea4136b8350e9fa843415194b9bd0a5fbe7b20ba09cf3a4f28f21a00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-117ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Wed, 12 Jan 2022 16:29:09 GMT
cache-control
public, max-age=86400
cf-polished
origSize=71595
cf-ray
6cbf85b378024ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
sgr.js
assets.seudinheiro.com/app/mu-plugins/simple-google-recaptcha/
1 KB
493 B
Script
General
Full URL
https://assets.seudinheiro.com/app/mu-plugins/simple-google-recaptcha/sgr.js?ver=1641433328
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313c4a06d3d2247e07c444cec75c1c30e2d318579c63fde48283ebae43da93f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-54c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 12 Jan 2022 16:16:01 GMT
cache-control
max-age=86400
cf-polished
origSize=1356
cf-ray
6cbf85b378034ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
jquery-3.2.1.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
85 KB
31 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/jquery-3.2.1.min.js?ver=3.2.1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b378044ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:15 GMT
jquery.waypoints.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
9 KB
3 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/jquery.waypoints.min.js?ver=3.2.1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-2344"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b3780c4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:09 GMT
icon-menu.svg
assets.seudinheiro.com/app/themes/seudinheiro/assets/img/
129 B
443 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/assets/img/icon-menu.svg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7898295b7509dfd6b644a0bf950103ce369b29c0a9099beb632bef07a43dc5ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85bc68f3f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:14 GMT
icon-search.svg
assets.seudinheiro.com/app/themes/seudinheiro/assets/img/
290 B
545 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/assets/img/icon-search.svg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c872d965be2abcf146816d5b22be11c1af858d24780bfc14d4ecf6bb7ff544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85d6bac7f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
logo-1.svg
assets.seudinheiro.com/app/themes/seudinheiro/assets/img/
4 KB
2 KB
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/assets/img/logo-1.svg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd981795039aba2d509543f820a380b8a84dfe49554d5f46f30d57fb9d648b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-10e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85d9afc5f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
embed-widget-tickers.js
s3.tradingview.com/external-embedding/
10 KB
11 KB
Script
General
Full URL
https://s3.tradingview.com/external-embedding/embed-widget-tickers.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69ec4cb41f2c67481138f3a18cdbfd51eb9a3b1ea69d305398a15d28db45df6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:30:32 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jan 2022 10:30:23 GMT
server
AmazonS3
age
21524
etag
"6e936bb2c68a7364e9ffc27927e91925"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10743
x-amz-cf-id
24xDO0QUi0_zwq4w8p0zlUCa-RkSmOvE4bqOsFlK91jH9iVi185uZw==
main-webstories-v2.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
773 B
356 B
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/main-webstories-v2.js?v2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634e860a3613da7e7f24e597339df343e3677f65b6372c9702a87212748e0cf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 12 Jan 2022 16:29:09 GMT
cache-control
public, max-age=86400
cf-polished
origSize=1027
cf-ray
6cbf85b6ee8e4ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
bitcoin-queda-criptomoedas-hoje-628x353.png
media.seudinheiro.com/uploads/2021/12/
339 KB
340 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/12/bitcoin-queda-criptomoedas-hoje-628x353.png
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17a1eb9289eed4c3b6a76f8f153f299dd28f8d49811512f852cb1aa608a7eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
EM56JWX40FRMHFGG
cf-polished
origFmt=png, origSize=452103
content-disposition
inline; filename="bitcoin-queda-criptomoedas-hoje-628x353.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
347418
x-amz-id-2
MvYUhXpGZIec+NGqyxKE2QoVGEHjBAhofowqH0UzNDOagHWeyDKmJwU7pR09fx9+3gwP8cEwxPU=
last-modified
Fri, 17 Dec 2021 14:55:13 GMT
server
cloudflare
etag
"486c3a22c65a2e4d46055cb08eeef39e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b74ee0-FRA
cf-bgj
imgq:100,h2pri
Papaleguas-coiote-powell-inflacao-v2B-628x353.jpg
media.seudinheiro.com/uploads/2021/12/
45 KB
45 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/12/Papaleguas-coiote-powell-inflacao-v2B-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3574b54f3950ee22495b61185a9e6b1cc938de223868956f5c68dd4c973201be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
8CWBJDDE2XPVB98Z
cf-polished
origSize=48334, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45919
x-amz-id-2
ZT5Jsag3r/gwfE8sjPg0W5CPJ6rJe5iLg+uUa5x4qp9dTev0JZCFA7QHfqGDZyoECsMqlQr9zqM=
last-modified
Wed, 15 Dec 2021 20:05:51 GMT
server
cloudflare
etag
"51010886ed667e57175520589cf67d81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b14ee0-FRA
cf-bgj
imgq:100,h2pri
Selo-Melhores-Fundos-Imobili%C3%A1rios-2-628x353.jpg
media.seudinheiro.com/uploads/2021/06/
31 KB
32 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/06/Selo-Melhores-Fundos-Imobili%C3%A1rios-2-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c820d2c6487e2a1b7363223e321dab694736d2380acdc52cafcf70a9d53cd9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
TFEA4T2AEMNPRCQX
cf-polished
origSize=35128, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32074
x-amz-id-2
wfd9WtxdnBDnN3bajBXXFd+EYv8kiNK+daHL4fM4I2kpDfofxa+FUyaGmxHHH7sbdH7AI/Gs528=
last-modified
Thu, 10 Jun 2021 14:15:10 GMT
server
cloudflare
etag
"d3a1d50ccaf43415b6abc9e3a8320a12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b44ee0-FRA
cf-bgj
imgq:100,h2pri
shutterstock_1792091177-628x353.jpg
media.seudinheiro.com/uploads/2021/02/
56 KB
56 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/02/shutterstock_1792091177-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd30b0159d8a9fc93d22290e2c5af1e1377225f5db282af519998a27441b82b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
CTY5SD2HS1FG43ZE
cf-polished
origSize=61008, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56909
x-amz-id-2
HPjBPvTY4ic6+YO15gNujoILAX6/fghayBJChAmv3JjpnAS+787TjeoIHQbXZUv3INg+4QkT0LM=
last-modified
Thu, 11 Feb 2021 22:26:40 GMT
server
cloudflare
etag
"35cabacfb16bda7f451ac0f25d81a0bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b34ee0-FRA
cf-bgj
imgq:100,h2pri
Logo-sd-ms-acgslrzfrz.png
media.seudinheiro.com/uploads/2021/09/
2 KB
2 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/09/Logo-sd-ms-acgslrzfrz.png
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5338015d65231fb86a36a6b85c901cb52a2e1e547fdd8ba9ae2e7ebbd145850c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
EM55S5SC31DQFA4T
cf-polished
origFmt=png, origSize=2466
content-disposition
inline; filename="Logo-sd-ms-acgslrzfrz.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1728
x-amz-id-2
DGJoWiY4WX0RxZklVa6oLyo///uXZnSBnQI1Z3jvoVEFkz4H8smgRuAsonphHSJcSV3nqavB3MU=
last-modified
Tue, 21 Sep 2021 13:48:38 GMT
server
cloudflare
etag
"3919816c39e3e3315c808d22ae53d791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b64ee0-FRA
cf-bgj
imgq:100,h2pri
logo-mt.png
media.seudinheiro.com/uploads/2021/10/
5 KB
5 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2021/10/logo-mt.png
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876c91e74c3eac27c04acc87fd50537fc838058deaf185108be1029aed5032b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
EM52W42Q9Q4NQ4Z8
cf-polished
origFmt=png, origSize=17222
content-disposition
inline; filename="logo-mt.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5298
x-amz-id-2
/CrLrn3vCNa0BFboB3gDB4rTf6xKn5DGrpGwQTHdpVvMoNgPkMFjY9U2XPdiUO+yWJAysdH5kvY=
last-modified
Mon, 25 Oct 2021 18:50:48 GMT
server
cloudflare
etag
"2c18469e445f87be8ed3fdcda9fc0b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85da18b24ee0-FRA
cf-bgj
imgq:100,h2pri
csn-1-640x340.jpg
media.moneytimes.com.br/uploads/2021/07/
17 KB
17 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/07/csn-1-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab8d7e38ce5410a2103ab4e350af7bc6a7c474dd68a7d05918971413012f7e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
NEbdl5GCAoQwx736RkUCClB0kT6qY77A
etag
"201cc7fe04ef359b76e3f269a3444919"
cf-cache-status
MISS
x-amz-request-id
DZ9BRC2B16GDQP5W
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17359
x-amz-id-2
UZ6wTaYK0lf41fnmByQEELOhmJCygv3WsZqeENjgtYma81JII/aqEcYjlleVdssv27y2xVI3QRY=
last-modified
Wed, 28 Jul 2021 17:57:49 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da69750221-ZRH
jerome-powell-640x340.jpg
media.moneytimes.com.br/uploads/2021/07/
33 KB
33 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/07/jerome-powell-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1ce5b1177e73d63d30f060dc86d7cac8a54bfef454a98171c0af7cdf3110f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
lXNvhIeEWvo3hXHQeenEyO.Gd4IADGws
etag
"086402d93d6a3eb5a13818f01091b72f"
cf-cache-status
MISS
x-amz-request-id
DZ99W948SXPMK29W
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33619
x-amz-id-2
PaSOKVDMs5OS64yfQlIic3xv37rsLs9O1eegRpfZKjXcgEYWaizCjD86CyzYGD6KEfA8uei6AGw=
last-modified
Wed, 14 Jul 2021 17:21:47 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da69770221-ZRH
gerdau-640x340.jpg
media.moneytimes.com.br/uploads/2021/08/
65 KB
65 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/08/gerdau-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c318d93d737f8f203c77e4f88219bc467a491973ca04356f8695e1021821f94e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
GqtIgs.vz5vLBqHsSDjvcvQ9QS_TC08y
etag
"dab4bec31cb4843658fbd9863cee8ac6"
cf-cache-status
MISS
x-amz-request-id
DZ95K9Y7XKV591FT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66539
x-amz-id-2
EnFZ268nR18rtCvR4rRw5Sy4WAvznOefjwclanIKElSwwwCm6hBtL0546Kj4gVchxxlYLhgT7gA=
last-modified
Wed, 04 Aug 2021 15:50:05 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da697a0221-ZRH
variante-omicron-640x340.jpg
media.moneytimes.com.br/uploads/2021/12/
41 KB
41 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/12/variante-omicron-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4428b1bf076a26f6d0e815c05cc87879e4f16b3c5adf545a7c23a8331d17a34d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rM9dSwyNG2ticRQx304Veny.LauBec9a
etag
"33971dba0f3a26e85faf1b5e528cd1e2"
cf-cache-status
MISS
x-amz-request-id
DZ938QBX5ENWWP7D
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42052
x-amz-id-2
TgKRkg7EDrwR9OjZ61vn40R778whNoDbvP0hxS1TAVPS2XIjkm23BDBvL7RjDGDPyRqItLBMou8=
last-modified
Wed, 22 Dec 2021 18:58:23 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da697e0221-ZRH
covid19-coronavirus-omicron-640x340.jpg
media.moneytimes.com.br/uploads/2021/12/
34 KB
35 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/12/covid19-coronavirus-omicron-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8df1db2c2ab94bad7c1fed3f980177a8c4f21ebad0797a92ab326f63b35b0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
KyoiJBIuVq8h0dy6ySKEDcXD5.zx0lq.
etag
"82ecb60071a8e38f6d1dd7c06f3e6e15"
cf-cache-status
MISS
x-amz-request-id
DZ91XH3CD1DXHP1H
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35139
x-amz-id-2
7PeUrcIo8VsFYZieEeDzeshLn3V6WUAWaxP/dSchAnmO8qFv0DEPQ4X7Y2dzJ8P7CqdVeoa1U6A=
last-modified
Sat, 11 Dec 2021 18:43:17 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da79a40221-ZRH
vacinas-640x340.jpg
media.moneytimes.com.br/uploads/2022/01/
17 KB
17 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2022/01/vacinas-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e251cef7745d403ec04d217519643dc1621b582fa665c77ab31712b86ae54c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
it4RtLdONz9SqPkcFGOXA3UytDaBQLA3
etag
"0cdc28519264aa48801a5743d87a4e01"
cf-cache-status
MISS
x-amz-request-id
DZ9BKDTPJ8KGNST6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17258
x-amz-id-2
ulqVVYAEyNy6NNOCQgUOT5/5ew+nfUniwFh2nCOZm2XZazItzTpmXZPF0Lb1TFUaLJ1P779GbzE=
last-modified
Tue, 04 Jan 2022 12:03:25 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da79a70221-ZRH
1-26.jpg
media.moneytimes.com.br/uploads/2020/01/
62 KB
63 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2020/01/1-26.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf52eae40a54ee9fec68754411996493c8695885297e6de3fd825b3c19673e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
x-amz-request-id
DZ90YG2YF6HTGT5N
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63827
x-amz-id-2
nWOpa6qO76lwUZF/awFRvmLl1mqa0XgcRtUuZ8sJCn2Gbje85kkIfs3LRuuLTdC7YDLDQ08ScSE=
last-modified
Thu, 09 Jan 2020 22:30:28 GMT
server
cloudflare
etag
"7a98036ecc2bcf1782f14c8a44564b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1800
x-amz-version-id
k89s7APdHZY66FfLnWifbsJPwT6Wp5VI
accept-ranges
bytes
cf-ray
6cbf85da79a90221-ZRH
cana-de-acucar-1-640x340.jpg
media.moneytimes.com.br/uploads/2021/06/
62 KB
62 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/06/cana-de-acucar-1-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72e13737ac62698c86fdda96f4bfae9d8e41f042c961a19f5bb1e544a2521cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
BpKIUFbDpzSi7g98lr3YMQL6QjZJNKox
etag
"28bf9e7ade585d1d6f86153b68f6b705"
cf-cache-status
MISS
x-amz-request-id
DZ9CAM9KP98VZVA1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63245
x-amz-id-2
8npLS96syBuJJEf14qytKx/1Fr4p5yz20NaYDYJ6u6deQ1jZ27SNRneN3xlUX5OfwnU0H8R2XL0=
last-modified
Thu, 10 Jun 2021 14:56:15 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da79aa0221-ZRH
nft.jpg
media.moneytimes.com.br/uploads/2022/01/
81 KB
82 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2022/01/nft.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd7c90c48c294f1d1680cb2997a3201eec1f6b2df7c732e5c7c498ac554d8aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
age
1289
cf-polished
origSize=102882, status=webp_bigger
cf-ray
6cbf85da79ac0221-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
82924
x-amz-id-2
qlskyeD8Fx8zSe+vI3KFEdAo+xy+cIjL7PdjPDxLUUoJzHz5Fk3XjLPq8nZC+6FZTOw4M4KeDlE=
last-modified
Tue, 11 Jan 2022 15:25:42 GMT
server
cloudflare
etag
"6f603d9eb8a7d8569e79d6816fd9022f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
3N824ZQ27DBYMD36
cache-control
max-age=2592000
x-amz-version-id
6Yz7VmrAuEMxvQGXLi8pxlAm.fUk0oU_
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:100,h2pri
caixa-economica-federal-67-640x340.jpg
media.moneytimes.com.br/uploads/2021/07/
51 KB
51 KB
Image
General
Full URL
https://media.moneytimes.com.br/uploads/2021/07/caixa-economica-federal-67-640x340.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae162f791736cd6da1ce81ce91920857cc78d6f71c3bdb8f611bd2f4b6f2ed71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
d54_0fmoPiyXTa8pbUGUtWtLr..aW.Zf
etag
"d2fdd420adab0f12e942947c7f6fd36e"
cf-cache-status
MISS
x-amz-request-id
DZ9EMZVMCGXPYT9V
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51974
x-amz-id-2
vQQjJwZEVkdhVKHpei7kwJ2XFVxVvkAbZRvKo8DTvaj5eHF339B2azgHqxToud2PBa2eotOhhsI=
last-modified
Wed, 28 Jul 2021 16:23:58 GMT
server
cloudflare
date
Tue, 11 Jan 2022 16:29:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cbf85da79ad0221-ZRH
shutterstock_1434643079-628x353.jpg
media.seudinheiro.com/uploads/2019/11/
85 KB
86 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2019/11/shutterstock_1434643079-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dfad1cafd8bbf21fc7673d0ccdbd39cd60b7b0c91e412d55562f814bae14b7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
x-amz-request-id
EKRNHHWFY3ZNBX49
cf-polished
origSize=93600, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
87097
x-amz-id-2
0UNzYEwUvZbwF+WyNY7yBixC/MJZDEA1qwiPmbF+wVqnGNqgXFVRvYwwr4MTF4NgZ6agHRgndVY=
last-modified
Wed, 20 Nov 2019 22:49:34 GMT
server
cloudflare
etag
"b4c42d1e0d49090a4e245dc9470daf5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85db2a32f92f-MXP
cf-bgj
imgq:100,h2pri
icon-close.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
334 B
530 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-close.svg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4510e468b287bd7dde2f04e6a2e9647b612662afedc3d79db599c7920f3b8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-14e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da1877f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
email-decode.min.js
www.seudinheiro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
938 B
Script
General
Full URL
https://www.seudinheiro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 15:17:54 GMT
server
cloudflare
etag
W/"61d5b6a2-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6cbf85b7d852f92f-MXP
vary
Accept-Encoding
expires
Thu, 13 Jan 2022 16:29:09 GMT
sticky.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
1 KB
896 B
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/sticky.min.js?ver=3.2.1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c52b4f1daa1aa3a92d960a311d4518da07e80b7b1a443d3f1a55c0968c99a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
495
etag
W/"61d648f0-4db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b818b5f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:09 GMT
menu.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
1 KB
823 B
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/menu.js?ver=1.0
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a92c4d5381633b246afd400ae2b7a1420bfd0a18e87b5180a842d1acfb9c3bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
age
495
cf-polished
origSize=2006
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-7d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b8590cf92f-MXP
expires
Wed, 12 Jan 2022 16:29:09 GMT
infinite-scroll.pkgd.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
25 KB
7 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/infinite-scroll.pkgd.min.js?ver=3.0.5
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac207de8dc809e58959d8a3d0663793312f6041f8c258e793bac26b271f0128

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
495
etag
W/"61d648f0-6404"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b8b9e2f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:09 GMT
lazyload.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
5 KB
2 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/lazyload.min.js?ver=10.19.0
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
495
etag
W/"61d648f0-157d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b91a9bf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:09 GMT
jquery.fancybox.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
51 KB
17 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/jquery.fancybox.min.js?ver=3.1.25
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
496
etag
W/"61d648f0-cdb1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b96afff92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:10 GMT
flickity.pkgd.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
53 KB
14 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/flickity.pkgd.min.js?ver=2.2.10
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dc06d2408461cb9a8ed7dbe6d325e356405b804e04f0a8d65c3133742bb96b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-d2f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85da187bf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:15 GMT
wavesurfer.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
32 KB
9 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/wavesurfer.min.js?ver=1.3.4
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0760d239c2372a001017ede7d7657f513435a4e4ee0d8e0e1f77ae000c438d06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
496
etag
W/"61d648f0-8025"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85b9fc41f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:10 GMT
js.cookie.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
2 KB
1 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/js.cookie.min.js?ver=2.2.0
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85da187cf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:15 GMT
jquery.exitintent.min.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
646 B
631 B
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/jquery.exitintent.min.js?ver=0.0.1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156a6dfd9a25b183d6af4d65dac0c62fc0b35881354908eabb5b162c2ba8514f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-286"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85da187df92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:29:15 GMT
premium-home.js
assets.seudinheiro.com/app/themes/seudinheiro/src/js/lib/
1 KB
869 B
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/src/js/lib/premium-home.js?ver=0.1.14
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efca94093dba0530aadddbdfeb7eefa4ff18a6818e03e4301a487406de208468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
cf-cache-status
HIT
age
496
cf-polished
origSize=1817
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
6cbf85ba5cebf92f-MXP
expires
Wed, 12 Jan 2022 16:29:10 GMT
popup.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
2 KB
1 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/popup.js?ver=0.0.3
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f748a1169479314e3c17c735784d917815fdc45ebc746d0f9562a08f2e7a4063

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-b9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 12 Jan 2022 16:29:15 GMT
cache-control
public, max-age=86400
cf-polished
origSize=2974
cf-ray
6cbf85da1881f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
main.js
assets.seudinheiro.com/app/themes/seudinheiro/js/
6 KB
3 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/js/main.js?ver=0.1.5
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa53f01ec65345a5d6d5c58339f836a9b790ef60cf3d2baca51745400eea9f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-2975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 12 Jan 2022 16:29:15 GMT
cache-control
public, max-age=86400
cf-polished
origSize=10613
cf-ray
6cbf85da1882f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
slick.min.js
assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/
42 KB
11 KB
Script
General
Full URL
https://assets.seudinheiro.com/app/plugins/makestories-helper/vendor/slick/slick.min.js?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
age
496
etag
W/"61d648f0-a76f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6cbf85babdadf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 12 Jan 2022 16:15:51 GMT
ms-script.js
assets.seudinheiro.com/app/plugins/makestories-helper/assets/js/
1 KB
845 B
Script
General
Full URL
https://assets.seudinheiro.com/app/plugins/makestories-helper/assets/js/ms-script.js?ver=5.7.2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb92e8f08fcd5ebc0e41addc6a51fc2cded8c10c3cc6867d61ec2239b111cfc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:10 GMT
content-encoding
br
cf-cache-status
HIT
age
496
cf-polished
origSize=2282
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-8ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6cbf85bb0e4df92f-MXP
expires
Wed, 12 Jan 2022 16:15:51 GMT
pubads_impl_2022010407.js
securepubads.g.doubleclick.net/gpt/
352 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120967
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Jan 2022 16:29:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
78 B
104 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.seudinheiro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e167eb39c39e39a48d54d99f4d2db46c28eb3fc2b8ffc243bcbb376a89d7b097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Tue, 11 Jan 2022 16:29:09 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5289
date
Tue, 11 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 11 Jan 2022 17:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s07-in-f2.1e100.net
Software
cafe /
Resource Hash
944b1c9355595d2ed225c0acc74fee48395ab78fca04def0cf7f9f263da4ea52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14790
x-xss-protection
0
server
cafe
etag
8033026891549550757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jan 2022 16:29:15 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9=
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
RdLlerBqy1Zu2Ema-yTbrkyGX_mGzLQMU-wkSsCgyOrwLVKaq2EDNA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 11 Jan 2022 16:29:15 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=32345291&ns__t=1641918550471&ns_c=UTF-8&c8=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&c7=https%3A%2F%2Fwww.seudinheiro.com%2F&c9=
content-length
207
x-amz-cf-id
4SiUfYH0FoW41_mNQoEtZl5opHwfMV2y0n58KFC7p3JC3Ssy89d7IQ==
xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
18 KB
19 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a48cca813010dda4f8fafd0e5ffa7cb2fec1d5d735ef66717922e4f7d7df605

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:58:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da289cf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18860
expires
Sun, 08 Jan 2023 13:28:16 GMT
xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
18 KB
18 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39cd77afa861423019ee3a8ebdba091f81ceefb42af068be7bf34793c2dd035c

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:58:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da289ff92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18348
expires
Sat, 07 Jan 2023 17:07:01 GMT
xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
50 KB
50 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23efc496bb4fd4aae84a4610931b5e5cd437f0d4d7b92690475d2049e382f4c

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:09:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da28a8f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51256
expires
Thu, 05 Jan 2023 22:33:53 GMT
xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
13 KB
13 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZGKLRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b12b4e362a8d3e50339937532a858037157683e95467201295019b3401d80ac

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:09:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da28abf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13152
expires
Thu, 05 Jan 2023 21:00:44 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
59 KB
59 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e99a651847e624316433c10dc7ee6c3c0a3b1c39ad14692041d23fc20a40c2

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:19:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da28acf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60164
expires
Wed, 04 Jan 2023 19:13:03 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 07:48:55 GMT
x-content-type-options
nosniff
age
31220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27412
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 07:48:55 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsunDXbtM.woff2
www.seudinheiro.com/fonts.gstatic.com/s/playfairdisplay/v25/
20 KB
20 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsunDXbtM.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81d0e8e4cb75821c21247c7c1e2dccc7c2e6774b3256aa7b060ab5206fb5e17

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Wed, 10 Nov 2021 18:13:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da48c0f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20288
expires
Sun, 08 Jan 2023 05:20:49 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
17 KB
18 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559c50de58d4dd94b8f5fdb6cc900934ec2f2e5238cdde24b0d65906434ed464

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:02:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da48c8f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17664
expires
Sat, 07 Jan 2023 16:44:18 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.117.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
13 KB
13 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.117.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71fdab19083f42e11943aa7798c413fc982d7d0d410c6857bb1c594153107597

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:01:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da48e0f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13068
expires
Thu, 05 Jan 2023 22:32:45 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.86.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
21 KB
21 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.86.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f95cad9c732437dd7e79a38514b09c173e7c1054de1fecde973ecc417f88f0e8

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:53:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da5903f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21132
expires
Sat, 07 Jan 2023 00:32:21 GMT
/
s.tradingview.com/embed-widget/tickers/seudinheiro/ Frame 52C8
18 KB
7 KB
Document
General
Full URL
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Requested by
Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-tickers.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
71c93b27fc58b35a9f9318e4e6c56ba26b39e99e798ec541ace7930d99e2ce3a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-oIy/Nq0ZfHarEFi7SobARA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; report-uri /csp-report/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

content-type
text/html; charset=utf-8
date
Tue, 11 Jan 2022 16:27:59 GMT
expires
Tue, 11 Jan 2022 16:29:59 GMT
cache-control
max-age=120
content-security-policy
script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-oIy/Nq0ZfHarEFi7SobARA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; report-uri /csp-report/
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
tv
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,Cookie
x-cache
Hit from cloudfront
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
v0YXm0jy10GYpYTWNvCH2EGWYeuLnFr1lUL6yxQMJFpLZ-x668OOGA==
age
76
icon-facebook.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
888 B
817 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-facebook.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209ca4300e76131524a0c2232d16799327cc4ad9736dba93b1cf5f19079d2d6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-378"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da793ef92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
icon-instagram.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
2 KB
1 KB
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-instagram.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d807129c75690c36ab910977bafeefd72ce9852f918428632fcc20c5200bcbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-811"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da7941f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
icon-instagram-bg.jpg
assets.seudinheiro.com/app/themes/seudinheiro/img/
926 B
1 KB
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-instagram-bg.jpg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41807961edb76093c4351e825294ff8bd41ef5d8d17111c53302822e8783500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
HIT
cf-polished
origFmt=jpeg, origSize=1425
content-disposition
inline; filename="icon-instagram-bg.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
926
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
"61d648f0-591"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 12 Jan 2022 16:29:15 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
6cbf85da7945f92f-MXP
cf-bgj
imgq:100,h2pri
icon-twitter.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
2 KB
1 KB
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-twitter.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0294b004dbddf65b40aadf81a0b2881976915da8786a8ed1d12bf31e524445b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da7952f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
icon-youtube.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
1 KB
1008 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-youtube.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94da55c3dbbd25ab0a7b3c3950906850e727d1fdccf3bb025add820e9f6bf6a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-4ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da7954f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
icon-linkedin.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
1 KB
956 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-linkedin.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42351927db354ad1c0d9106f3beefe52a6cc4107f4b9beff198b1ed848ddb234

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-4c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da7955f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
icon-play.svg
assets.seudinheiro.com/app/themes/seudinheiro/img/
1 KB
834 B
Image
General
Full URL
https://assets.seudinheiro.com/app/themes/seudinheiro/img/icon-play.svg
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4679ff7a84b1674e7c614381f8eca35a11840eb60a36d9d6db1f89287c6bb90a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.seudinheiro.com/app/themes/seudinheiro/style.css?ver=0.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:42:08 GMT
server
cloudflare
etag
W/"61d648f0-43e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cbf85da7959f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 11 Jan 2022 20:29:15 GMT
xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
17 KB
17 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2063e60bd2835e246d0e7f2021f2642954ea0adea69f2bce1e8f9241b8e368a5

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:58:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da795cf92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17484
expires
Fri, 06 Jan 2023 23:18:27 GMT
xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
56 KB
57 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a13357c2cb3a7a32fb8a2c4aacb57c85d069e203be86733e69d7d25bb2a566

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:58:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da8960f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57520
expires
Wed, 11 Jan 2023 00:21:49 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.110.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
20 KB
20 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.110.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef87f9394bb13a7369a0b1c04542b3bfe33257f9a6d4c5ee1e926abb06cf3d3d

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:57:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da8964f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20324
expires
Sat, 07 Jan 2023 17:27:00 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.116.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
17 KB
17 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.116.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99a78830202888468498a2080aa1200187b1252ea80d1432a5a11c75e0cc578

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:58:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85da8966f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16920
expires
Wed, 11 Jan 2023 00:16:42 GMT
user
vip.seudinheiro.com/api/v1/
32 KB
33 KB
XHR
General
Full URL
https://vip.seudinheiro.com/api/v1/user
Requested by
Host: assets.seudinheiro.com
URL: https://assets.seudinheiro.com/app/themes/seudinheiro/js/jquery-3.2.1.min.js?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:149c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57bd274db8b8482bb0db8a971516f0329571c72344a7e797cfaeb6abc2d997e4

Request headers

Accept
*/*
Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
X-Requested-With, Content-Type, X-Token-Auth, Authorization, Origin, Cache-Control
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.seudinheiro.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
6cbf85daba054ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v25/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v25/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,900;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15ab2ac571d4f4d6053452253252cc8412177b83a8d22de0bbe95a9e1cc69a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 02:46:20 GMT
x-content-type-options
nosniff
age
567775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:11:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 02:46:20 GMT
xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
18 KB
18 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a61bca7f6b95fef677a552389533a66cb61b65f80e0dc8dfb1a4f2a10465a06

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 17:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85dab9b6f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18552
expires
Tue, 10 Jan 2023 21:49:33 GMT
xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/
13 KB
13 KB
Font
General
Full URL
https://www.seudinheiro.com/fonts.gstatic.com/s/notoserifjp/v15/xn77YHs72GKoTvER4Gn3b5eMZCqNRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4ff2f9ed3b0a32dd5ab950b96fa89746e6fd7ccf1cc2f47db3b85d0f7c5a33

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 16:56:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6cbf85dab9b7f92f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12836
expires
Thu, 05 Jan 2023 19:52:06 GMT
257261288441438.js
widget.manychat.com/
1 KB
1 KB
Script
General
Full URL
https://widget.manychat.com/257261288441438.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.19.3.2 /
Resource Hash
c01151bcc4fe77a35f830b3bc2a7f492dc251d7c54f6559c4525c9a1a0c4f3be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
cache-control
no-store
server
openresty/1.19.3.2
content-encoding
gzip
content-type
text/plain; charset=utf-8
universal.min.js
tag.navdmp.com/
13 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211ad865da55bab52f93a8829e3417e664e7f214c11ef4faf0fb817fb2806554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 20:42:15 GMT
server
cloudflare
age
3536
etag
W/"61c0eaa7-32a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6cbf85db3c853754-MXP
content-type
application/javascript
expires
Tue, 11 Jan 2022 16:30:19 GMT
hotjar-1784586.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1784586.js?sv=6
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash
6b018739ef4f1b0be1f3e6ca9d792aaf247180223f27534fb06c9614b7ddfd48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/1b27cfc432d3c83dc739b2b01bcbede8
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
xWKeMqrTZQ3ZzczLHW4hzjvb8AO5sshvdo53dbXSHrz2fbpl8_OhTQ==
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
api.min.js
a.optmnstr.com/app/js/
202 KB
56 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8348bc383f76df8e013617616d30b3b91cfcffa31dd873e68376da05be224cf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
01/07/2022 20:00:24
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id
90VETXW632JRKXED
x-amz-id-2
OI0pWxyAhfudzdLv57P63NkRNT/xbYvmu8XYU0RwsL9DzQBzivixEet6xmbzSSjIzwvTb4KzyV0=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 07 Jan 2022 19:00:17 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"3ba0f72b3dbb52e6ba299a6bc74f0ff9"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
17f2490f90cf81a626ea9e6051282813
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
sdk.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
248dca92d8ab560231ecc9d7db9e67c1428bd4a16d2b1bd1081c4f6979914a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HKosEfapzkr5I6ya7L4JbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
HYJxfA6ZZ7l9UwgSsntUvOxEGTA5QlcmGiOtmcZzWTQ+sq6tVgdL+bBqvLw4+cSUkyBR/1F4jys15S+EJRbISA==
x-fb-trip-id
720026100
x-fb-content-md5
763491c0ec92388ead1cf4e3186835c7
x-frame-options
DENY
date
Tue, 11 Jan 2022 16:29:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"2edc6e5a7ae2e725960c76105c9560b4"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 11 Jan 2022 16:32:25 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
r6nH6mX6p1YptzW+vN7IuGga+T2PM7lk/ZMII+NT2svEYUKiXNFTcWdwvfJZr0TOG2G2YAGcfBZkspdyA6i6aw==
x-fb-trip-id
720026100
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 11 Jan 2022 16:29:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C57NQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1395
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cbf85db4a2b6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 14 Jan 2022 16:29:15 GMT
pt.5f68d1afba88c6a8.js
s.tradingview.com/static/localization/translations/ Frame 52C8
1013 KB
281 KB
Script
General
Full URL
https://s.tradingview.com/static/localization/translations/pt.5f68d1afba88c6a8.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
058628b0168abb04fed9e6c651700db06761c022950a2209c9d7ade66eac330b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21303
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 11 Jan 2022 09:46:48 GMT
server
tv
etag
W/"61dd5208-45c46"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
CPtTH1rs_3BbipdDbcg2nABwbNO0qxR6LTpu6cQUMcZVW35emSZJGA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
runtime.21ff3ee052c8e88f4518.js
s.tradingview.com/static/bundles/embed/ Frame 52C8
43 KB
23 KB
Script
General
Full URL
https://s.tradingview.com/static/bundles/embed/runtime.21ff3ee052c8e88f4518.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
8bb4c8860ab56676b57945f9e1a7ef42ff1bdc10089fb075e065eef5d7aded0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21310
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 11 Jan 2022 09:46:55 GMT
server
tv
etag
W/"61dd520f-5bc0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
wZK-NTP_sYwAWsutEW8XGh4Wf9WQEaRK4uZAhxt4eYjk-kKHLSwLBQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendors_embed.d76fefa3fece70ff3a71.js
s.tradingview.com/static/bundles/embed/ Frame 52C8
144 KB
47 KB
Script
General
Full URL
https://s.tradingview.com/static/bundles/embed/vendors_embed.d76fefa3fece70ff3a71.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
70dd390dbbffd306539aabdfd281cfebf3a07b3283203938fae8fb9acc0a6211
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458468
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Thu, 06 Jan 2022 08:50:58 GMT
server
tv
etag
W/"61d6ad72-ba80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
__CEnhmL1i3eVutEIEkdgbredcLgc4rmmAmbELBjDwNyjagVbulkSg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed_tickers_widget.43313b32b1305aa8a5d2.js
s.tradingview.com/static/bundles/embed/ Frame 52C8
290 KB
77 KB
Script
General
Full URL
https://s.tradingview.com/static/bundles/embed/embed_tickers_widget.43313b32b1305aa8a5d2.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
79eaf2069134ef02fd763aeee0a0f32e759967ea8488865a2f5f1fc091ee5f66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21301
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 11 Jan 2022 09:46:56 GMT
server
tv
etag
W/"61dd5210-12ef2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
rYGPNN9mpS-q7oL0bgj2Z2bTCef9dxKrVTU1HQMw18mUCq_956olug==
expires
Thu, 31 Dec 2037 23:55:55 GMT
css_embed_normalize.0f19b168d88c5e2b6ad0.css
s.tradingview.com/static/bundles/embed/ Frame 52C8
1 KB
1 KB
Stylesheet
General
Full URL
https://s.tradingview.com/static/bundles/embed/css_embed_normalize.0f19b168d88c5e2b6ad0.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5464330
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 10:06:01 GMT
server
tv
etag
W/"618a4809-2be"
vary
Accept-Encoding
content-type
text/css
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
-1jEREMCm6Y6n7Uh8dUEfRhmCcIZms3DP7Bd0eUboVqCDFSbAHnrrA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed_tickers_widget.6ded957120a02a7873a5.css
s.tradingview.com/static/bundles/embed/ Frame 52C8
23 KB
4 KB
Stylesheet
General
Full URL
https://s.tradingview.com/static/bundles/embed/embed_tickers_widget.6ded957120a02a7873a5.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
0e798efc7f3531f20fbe5a956a66bc0bf311ec557d398b6dec200d1f7fa538cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:12:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1228609
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 28 Dec 2021 10:45:55 GMT
server
tv
etag
W/"61caeae3-f3f"
vary
Accept-Encoding
content-type
text/css
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
XlIoKS9Wk2hGI5Sybq7ON531nUTmQQBPZX7YwTLJA7eYuZ1V5TTzJQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
535 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.seudinheiro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
widget.js
mccdn.me/assets/js/
389 KB
94 KB
Script
General
Full URL
https://mccdn.me/assets/js/widget.js
Requested by
Host: widget.manychat.com
URL: https://widget.manychat.com/257261288441438.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 15:24:16 GMT
server
cloudflare
age
3741
etag
W/"61dda120-6150d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neWJQ77nJXrbFFeXMz8lMJboN4o6P8XLPPIZjAl4Rpyl9LTng8WwPExvK9P%2BVOMXf%2F%2BQEgrk5O58%2BevXNpLhjkJFAiDseDine8cnoDJ20dnmqlet652mwIP3Bdrh9PqnVTJBD0hl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cbf85dcde2ae8f7-MXP
publisher:getClientId
ampcid.google.de/v1/
3 B
464 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.seudinheiro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
Design-sem-nome-54-628x353.jpg
media.seudinheiro.com/cdn-cgi/image/fit=contain,width=640&,format=auto/uploads/2022/01/
40 KB
41 KB
Image
General
Full URL
https://media.seudinheiro.com/cdn-cgi/image/fit=contain,width=640&,format=auto/uploads/2022/01/Design-sem-nome-54-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ba4de926f0b21f94ddc69dece57ae5759dc9b39dfe8a36f47f9f6abd59e9cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41362
last-modified
Tue, 11 Jan 2022 14:43:14 GMT
server
cloudflare
etag
"cfCjWROkOLjGe6-XuIaUe4xA:828131049dae5828f6c582617e4291cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=14400
cf-resized
internal=ok/h q=0 n=29 c=1115 v=2022.1.0 l=41362
accept-ranges
bytes
cf-ray
6cbf85dbfb50f92f-MXP
cf-bgj
imgq:85,h2pri
shutterstock_329519759-628x353.jpg
media.seudinheiro.com/cdn-cgi/image/fit=contain,width=640&,format=auto/uploads/2021/05/
22 KB
22 KB
Image
General
Full URL
https://media.seudinheiro.com/cdn-cgi/image/fit=contain,width=640&,format=auto/uploads/2021/05/shutterstock_329519759-628x353.jpg
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd230b7a1b9b86e3826d44a6e316fd26b23cbed599e62cdda65e2f5cd72f232
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22420
last-modified
Thu, 20 May 2021 13:23:49 GMT
server
cloudflare
etag
"cfT1fv1vGo3Z3fQN8KYx9f0w:f4cf94e76bcb2124b1c1c530b28b006a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=14400
cf-resized
internal=ok/e q=0 n=81 c=1056 v=2022.1.0 l=22420
accept-ranges
bytes
cf-ray
6cbf85dbfb52f92f-MXP
cf-bgj
imgq:85,h2pri
sdk.js
connect.facebook.net/pt_BR/
290 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=d576552adc90d1e1026de4b6b1aba1a3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
535ef04f4353e89800c836432e1179de4aa588884cca96fede27ed230e7cf431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.seudinheiro.com/
Origin
https://www.seudinheiro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vFr85cB9b95NZkZYfhPd8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83550
x-fb-rlafr
0
x-fb-debug
t1xWtKJQNSkm1aHP1Mg7lNUP6WyaDeBGN2jb9F/837JyJuZpr8fpK4WAJ3RrZOxqii0wBzuf0w/2z/6L7MiOXw==
x-fb-content-md5
57fe02dfd22e907dba6380620749559f
x-frame-options
DENY
date
Tue, 11 Jan 2022 16:29:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fc97fd2b8fc08dedec84f7e646b980fe"
timing-allow-origin
*
priority
u=5,i
expires
Wed, 11 Jan 2023 16:12:27 GMT
modules.95d56a8fe70e88a7dcd9.js
script.hotjar.com/
229 KB
61 KB
Script
General
Full URL
https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1784586.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-33.fra50.r.cloudfront.net
Software
/
Resource Hash
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
12190
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61466
access-control-allow-origin
*
last-modified
Tue, 11 Jan 2022 13:05:10 GMT
etag
"e2ccd91105747342ee4a8ed27f9e5793"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
LdZzmNGiI_uHzNr-8FtxRyoWJce1W9oZR94IGGNVkoFxRTevZzOPXQ==
2325640831097766
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2325640831097766?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
305807aa484720ceac72f208c3b400b0525e872d5e13acfa2f3300ca286fc519
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
99FqZq+IdAqPcdLrUXMyz3UdaXS2DO6rJogY/bmOsz2jH0KacAbKm3cKzv2MJtIFq1jra2NVbQQLtNg80fsefA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 11 Jan 2022 16:29:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
45300
tag.navdmp.com/u/
1 KB
744 B
Script
General
Full URL
https://tag.navdmp.com/u/45300
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a589bc1c5aac2ee11ccad1842fb1ecd860b283728ad5e631e34dcca9d93fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Dec 2021 20:03:22 GMT
server
cloudflare
etag
W/"61a9268a-483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6cbf85dc1efe3754-MXP
content-type
application/javascript
expires
Tue, 11 Jan 2022 17:29:15 GMT
60657
tag.navdmp.com/u/
511 B
428 B
Script
General
Full URL
https://tag.navdmp.com/u/60657
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7559615293c2678dc215cb8e3d0bc7221e5563f54cb2c8b45e2cfc655e241c59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:01 GMT
server
cloudflare
etag
W/"6137b32d-1ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6cbf85dc1f023754-MXP
content-type
application/javascript
expires
Tue, 11 Jan 2022 17:29:15 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2306
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cbf85dc2f7b4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 14 Jan 2022 16:29:15 GMT
33651
api.omappapi.com/v2/embed/
46 KB
12 KB
XHR
General
Full URL
https://api.omappapi.com/v2/embed/33651?d=seudinheiro.com
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
e3a2966cd50b750a69c5bd325b9ee0ba175f1740ac51158f6e3df8a1d3e0b0cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
FRA50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
24256
x-user-agent
standard--
last-modified
Tue, 11 Jan 2022 14:58:29 GMT
server
Pagely Gateway/1.5.1
etag
W/"9e8c2e10b316dcb1f93f336bd214ab75"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin
*
x-amz-cf-id
_UVGoKShSRRmzxFxlljJxlDgTgMC3eoAd-FtvpmljJtftpxWtli4mw==
expires
Tue, 11 Jan 2022 16:29:23 GMT
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame BBFA
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1784586.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HkDPtGQKO4AqZziQ_ts2HbvE4GHoqGfYlcYorYOyiRqpB-dAqWqwGQ==
age
5538236
web
onesignal.com/api/v1/sync/3df510e5-0ed0-4fac-9f22-9e2ef24666f8/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/3df510e5-0ed0-4fac-9f22-9e2ef24666f8/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e091479f49fb8ee3bfefd6707addfd16402568a1d0134655b68461469bcbe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1311
cf-polished
origSize=5342
status
200 OK
x-envoy-upstream-service-time
41
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2a5c5307-4cb0-41ba-885d-38ef6181aebd
x-runtime
0.040416
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b3c6a38bcdf4f90abedaddff0d16815c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6cbf85dd1f126993-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 11 Jan 2022 17:29:15 GMT
js
www.google-analytics.com/gtm/
111 KB
38 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KTCP5M7&t=gtm4&cid=447015613.1641918556
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73696ced3fab5787cf9afbf934f042cfc3028da3bfc6a1c03b02747bf2845362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38474
x-xss-protection
0
expires
Tue, 11 Jan 2022 16:29:15 GMT
js
www.googletagmanager.com/gtag/ Frame 52C8
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96826332-1
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_tickers_widget.43313b32b1305aa8a5d2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ff53841c0fa1f54816990b7b05c0c5f304962877aff4723626e6b1dd9be7b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36310
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jan 2022 16:29:15 GMT
63158.982f1e40be21040b888f.css
s.tradingview.com/static/bundles/embed/ Frame 52C8
801 B
759 B
Stylesheet
General
Full URL
https://s.tradingview.com/static/bundles/embed/63158.982f1e40be21040b888f.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.21ff3ee052c8e88f4518.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5464328
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 10:06:02 GMT
server
tv
etag
W/"618a480a-104"
vary
Accept-Encoding
content-type
text/css
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
uo_LE0_ePpClxBHrxKBC2jQS65E4_g6me22VO3MgioTcTMbG2F5n5w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js
s.tradingview.com/static/bundles/embed/ Frame 52C8
4 KB
3 KB
Script
General
Full URL
https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.21ff3ee052c8e88f4518.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-64.dus51.r.cloudfront.net
Software
tv /
Resource Hash
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5206448
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Fri, 12 Nov 2021 08:51:09 GMT
server
tv
etag
W/"618e2afd-8b0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
6186Q-J3G9ng4I6UpZ4dKQ8VC_0EZIb8haM6X7dwN5yLoQQt8JJe2w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
moment.min.js
a.omappapi.com/app/js/moment.js/2.24.0/
52 KB
19 KB
Script
General
Full URL
https://a.omappapi.com/app/js/moment.js/2.24.0/moment.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 13:11:01
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Thu, 27 May 2021 17:38:19 GMT
cdn-proxyver
1.02
cdn-fileserver
89
etag
W/"60afd90b-d04c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
afa99092e7bc1591efc0bab7b7b6fa4e
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/
16 KB
7 KB
Script
General
Full URL
https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 13:09:55
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver
1.02
cdn-fileserver
162
etag
W/"60afd908-40cb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
0278c6a7dde5a15bfc49a1776d70e1e7
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/
44 B
406 B
Image
General
Full URL
https://www.facebook.com/tr/?id=328048117752707&ev=fb_page_view&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&rl=&if=false&ts=1641918555834&sw=1600&sh=1200&at=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 11 Jan 2022 16:29:15 GMT
usr
usr.navdmp.com/
75 B
241 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=45300&u=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df556ebd91e502ba0d643b80e8981d5187e57d098cecfff84590da2ffafa8467

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cbf85de5c273754-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Tue, 11 Jan 2022 17:29:17 GMT
/
www.facebook.com/tr/
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2325640831097766&ev=PageView&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&rl=&if=false&ts=1641918555876&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%223042786535758989%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22BRL%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22941625939618975%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22BRL%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22271398524296777%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%223464798876865977%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1641918555875.41916378&it=1641918555527&coo=false&exp=p0&rqm=GET
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 11 Jan 2022 16:29:15 GMT
logEvent
manychat.com/pixel/ Frame
0
0
Preflight
General
Full URL
https://manychat.com/pixel/logEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.19.3.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.seudinheiro.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
openresty/1.19.3.2
date
Tue, 11 Jan 2022 16:29:15 GMT
access-control-allow-origin
https://www.seudinheiro.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
css
fonts.googleapis.com/
1 KB
407 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 16:10:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 Jan 2022 16:29:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jan 2022 16:29:15 GMT
logEvent
manychat.com/pixel/
15 B
146 B
XHR
General
Full URL
https://manychat.com/pixel/logEvent
Requested by
Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.19.3.2 /
Resource Hash
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
gzip
server
openresty/1.19.3.2
content-type
application/json
analytics.js
www.google-analytics.com/ Frame 52C8
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96826332-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5289
date
Tue, 11 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 11 Jan 2022 17:01:06 GMT
a
www.googletagmanager.com/ Frame 52C8
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-96826332-1&cv=1&v=3&t=t&pid=602023379&rv=150&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 52C8
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-96826332-1&cv=1&v=3&t=t&pid=602023379&rv=150&es=1&e=gtm.init&eid=2&tc=1&z=0
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 52C8
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-96826332-1&cv=1&v=3&t=t&pid=602023379&rv=150&es=1&e=gtm.js&eid=3&u=AAAAAAAAAAAE&tc=1&tr=1rep&epr=1UA&ti=1rep&z=0
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=532160876956612&ev=fb_page_view&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&rl=&if=false&ts=1641918555955&sw=1600&sh=1200&at=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 11 Jan 2022 16:29:15 GMT
usr
usr.navdmp.com/
359 B
477 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=9&acc=60657&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8da7ab2f5c53ea3b649c1231deac06860e0b2b19a32248569c1b09887638adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cbf85decd233754-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Tue, 11 Jan 2022 17:29:17 GMT
moment-timezone-with-data-2012-2022.min.js
a.omappapi.com/app/js/moment-timezone/0.5.23/
32 KB
11 KB
Script
General
Full URL
https://a.omappapi.com/app/js/moment-timezone/0.5.23/moment-timezone-with-data-2012-2022.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:15 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-197
cdn-cachedat
12/27/2021 11:46:27
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Wed, 16 Jun 2021 03:51:03 GMT
cdn-proxyver
1.02
cdn-fileserver
162
etag
W/"60c97527-802f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
03761551d8b3091c5aae50636dc603a1
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
a
www.googletagmanager.com/ Frame 52C8
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-96826332-1&cv=1&v=3&t=t&pid=602023379&rv=150&es=1&e=gtm.dom&eid=6&u=AAAAAAAAAAAE&tc=1&z=0
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/tickers/seudinheiro/?locale=br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=892099694&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&ul=en-us&de=UTF-8&dt=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&exp=UCZy-RPZT_yLO0Dg0lQ2CA.5&_u=aGDAAEADQAQCAC~&jid=1361899385&gjid=780536785&cid=447015613.1641918556&tid=UA-124062040-1&_gid=417567279.1641918556&_r=1&gtm=2wg1505C57NQ4&cd3=&cd4=Seu%20Dinheiro&cd5=An%C3%A1lise&cd9=&z=1936671506
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.seudinheiro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.seudinheiro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.seudinheiro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
245 KB
35 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3858594681947122&correlator=3680628532440465&output=ldjh&impl=fifs&eid=44756896&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220111&iu_parts=21742997408%2Cdtopo%2Cdlatcima%2Cdlatbaixo%2Cdfeed1%2Cdfeed2%2Cbarcot&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%2C320x50%7C300x250%2C300x600%2C320x50%7C300x250%7C250x250%2C320x50%7C300x250%7C250x250%2C120x60&fluid=0%2Cheight%2C0%2Cheight%2Cheight%2C0&prev_scp=dtopo%3Dlazyload%7Cdlatcima%3Dlazyload%7Cdlatbaixo%3Dlazyload%7Cdfeed1%3Dlazyload%7Cdfeed2%3Dlazyload%7Cbarcot%3Dlazyload&cust_params=post_id%3D299231&cookie_enabled=1&bc=31&abxe=1&lmt=1641918474&dt=1641918556048&dlt=1641918548881&idt=7142&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1023%2C1023%2C-9%2C-9%2C1199&adys=187%2C836%2C2818%2C-9%2C-9%2C77&adks=2115532110%2C3293121458%2C2579323519%2C2444971521%2C2378567813%2C3327497198&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.seudinheiro.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x4%7C300x250%7C300x610%7C0x-1%7C0x-1%7C126x72&msz=728x0%7C300x250%7C300x0%7C0x-1%7C0x-1%7C120x60&ga_vid=447015613.1641918556&ga_sid=1641918556&ga_hid=892099694&ga_fc=true&fws=4%2C4%2C4%2C2%2C2%2C4&ohw=1600%2C1600%2C1600%2C0%2C0%2C1600&btvi=0%7C0%7C1%7C-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d51cc38856a678fef23416347d1707b179d021fd20e1eab72bd6fa1fc76ff255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36154
x-xss-protection
0
google-lineitem-id
5864997258,-1,5870241488,5850019172,5861947883,5745406452
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376325727,-1,138377077270,138373798283,138376068403,138369491337
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.seudinheiro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B18
6 KB
4 KB
Document
General
Full URL
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 11 Jan 2022 16:29:16 GMT
expires
Wed, 11 Jan 2023 16:29:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-124062040-1&cid=447015613.1641918556&jid=1361899385&gjid=780536785&_gid=417567279.1641918556&_u=aGDAAEACQAQCAC~&z=1522254409
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 11 Jan 2022 16:29:16 GMT
content-type
text/plain
access-control-allow-origin
https://www.seudinheiro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-786944529/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-786944529/?random=1641918556094&cv=9&fst=1641918556094&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.seudinheiro.com%2F&tiba=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77012fd176bbb2745e2a40914d9b2eb5a799a126332b67ec2cd465af47d258e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 52C8
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-96826332-1&cv=1&v=3&t=t&pid=602023379&rv=150&e=gtm.js&eid=3&u=AAAAAAAAAAAE&tc=1&tr=5rep&ti=1rep&z=0
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1261
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6cbf85dfe9284eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 14 Jan 2022 16:29:16 GMT
/
www.google.com/pagead/1p-user-list/AW-786944529/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-786944529/?random=1641918556094&cv=9&fst=1641916800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Fwww.seudinheiro.com%2F&tiba=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&async=1&fmt=3&is_vtc=1&random=1279913224&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-786944529/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/AW-786944529/?random=1641918556094&cv=9&fst=1641916800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Fwww.seudinheiro.com%2F&tiba=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&async=1&fmt=3&is_vtc=1&random=1279913224&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-124062040-1&cid=447015613.1641918556&jid=1361899385&_u=aGDAAEACQAQCAC~&z=714326461
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-124062040-1&cid=447015613.1641918556&jid=1361899385&_u=aGDAAEACQAQCAC~&z=714326461
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon
onesignal.com/api/v1/apps/3df510e5-0ed0-4fac-9f22-9e2ef24666f8/
174 B
611 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/3df510e5-0ed0-4fac-9f22-9e2ef24666f8/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c86b738c6edc4a9f8943c284f26256bca227ec91a4ef9c5bd4dee083b9aebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2be60ca6-2588-44e1-866d-9320170ae248
x-runtime
0.005807
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e7c86b738c6edc4a9f8943c284f26256"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6cbf85e04a2459fb-MXP
access-control-allow-headers
SDK-Version
/
www.facebook.com/tr/ Frame 94E8
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.seudinheiro.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.seudinheiro.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Tue, 11 Jan 2022 16:29:16 GMT
seudinheiro-icone.png
media.seudinheiro.com/uploads/2018/09/
5 KB
6 KB
Image
General
Full URL
https://media.seudinheiro.com/uploads/2018/09/seudinheiro-icone.png
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:159c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f667a56aa19f9e065747dca8f5e2038f67cc162fdbb2de314fbd369839feb968

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:16 GMT
cf-cache-status
HIT
x-amz-request-id
GVVET092Z2BXKWFQ
cf-polished
origFmt=png, origSize=18823
content-disposition
inline; filename="seudinheiro-icone.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5564
x-amz-id-2
bFnIkQ2DuijGzByfWQQ3U+GhU4mZtnCjJAGt5YiXYiJ0B1qVPuaYHlz8EX/b/E5KB9kRcu2V6DE=
last-modified
Fri, 21 Sep 2018 17:06:11 GMT
server
cloudflare
etag
"818040acd3af45a2e067cdcf684175c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cbf85e26dbef92f-MXP
cf-bgj
imgq:100,h2pri
container.html
2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F39
6 KB
3 KB
Document
General
Full URL
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 11 Jan 2022 16:29:16 GMT
expires
Wed, 11 Jan 2023 16:29:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 8DC0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJr_iXU8UhTI1Tx6SfjiKZ8Kmx8SQlFz3YM-w4nM4tZAfrC8U_5itKAex1cr89BisEVvBIRy6eLATynbjzQpZwo5WD6qqxC-93R-AAfXt4QFqQHlSZSiQS-utltlAqhtxgKR5PrtyTJe7d9W8VkVvIDr3iaoosZ-mz2raz6uzELBqkMj6ymDvLyVUQDOP0oO3vrRzmxph6uJZvIZr_kWCfhkFYghv_uC0B1Qti83AQIjmwfGgAIZCWUSoIQ_aFjRaCjnavg9lgtso1TDOyQ2tJqeSvMwY1soY3LozOY4uYr9kSqk2f5caFFQ&sai=AMfl-YRzcoxthVD1hwNQnH40NPx5UJRp1j5GUmLsm3nzZ60F1mVKhXaw2bfb0wR70WDOgyW2eGgD0zsWOlG_SnE6HNpmPMMfrHO60cfZra9K5Ic_9HLx8rqxnUI6veTJdGI&sig=Cg0ArKJSzI9rYNUhWoS-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 11 Jan 2022 16:29:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame 8DC0
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:19:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 8DC0
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:27:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DC0
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641817384012296"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jan 2022 16:29:17 GMT
l
www.google.com/ads/measurement/ Frame 8DC0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfQXVU4AwVfhcsIl-fevFFb0CO3FEqL1GXJp-n4VFrtis9Ju5oKRrQAxUf_i-yxus70YKvoKabkIjxSQvVmd_7ONdP7A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

1546637233240490758
tpc.googlesyndication.com/simgad/ Frame 8DC0
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1546637233240490758
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a11efa0a98750a675291aa9a54a4e9b5894ddb3a0730ce3de3c82677351502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:27:38 GMT
x-content-type-options
nosniff
age
98
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9334
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 19:20:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Jan 2023 16:27:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3B15
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9u91cDSs35FMMKCkd-bBNVYiyGS9DOKjwO5jQG-qbCfC5bnbmGpGr-2gkJKjQoR6b97T55foevbU2yygfNGCwQSDsKtBmELixp13ncTjnlq7MsJEImqvsjN2RPrijzrDnS93-It_DfyZNXoWu-aIPDF1eanbV6B7zZBIbQVivf1mZB4MWR87V0glgROh6eM4DEvNwUYRCystJCOqXGFnhgMnjUktRx5gvrbp9ov-zO6umovV96DtP6JObG3ziNi5qqai6izt56uEU2GOod1IqDtVEVjFPHJamjvmS-PKCda_Lb_1xmOec&sai=AMfl-YSRCT9mwfbmmLdRYz3A0muEPPeNhWKkSdzrcnS7Qom027QGWKQNvhw65xDMGBdb9lFSngsSyDew_-phTpblvilDMB1KcEzcdxiZxbSfsINrL7DFeN77YNcGhKKEr-4&sig=Cg0ArKJSzMWMLbH0abRQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 11 Jan 2022 16:29:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame 3B15
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:19:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 3B15
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:27:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B15
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641817384012296"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jan 2022 16:29:18 GMT
11236048857517421224
tpc.googlesyndication.com/simgad/ Frame 3B15
54 KB
54 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11236048857517421224
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b22bd54857a3d6aa38cfe591afcc88bb0971ce32cf1cba07114f95f9863b859a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 21:47:37 GMT
x-content-type-options
nosniff
age
153699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54911
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 20:00:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Jan 2023 21:47:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F12C
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 11 Jan 2022 16:29:16 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 11 Jan 2022 16:29:16 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5F39
92 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Da-7glIOkXE0sfUQV7lfvoK2YROdT5hdbvDAl0TgO6YnvYDwiCAyugu3xvLQ2I4VSqTXGy1F4etLOdUC9e3rXRa2I2o6p98mfdA81wBwanQRYe2FxCCFHKSkt2rujg98x05gTtIlOot9wmiViCm3nT1lcJww&dbm_d=AKAmf-BitbUYRts968ls_-9QtSqEhEazcGKohtmNmO_Qnvvs2_TqduuHxyxlMML4K7G0AoB35ALw0_YeAmsdXuaz_ZhIVfIj3gLsaL7WgSsvP8NCAU8vi3WmHt9_3doU-fQwzZM3gM82lqFOfzwnIngB_X-xiuF3aHFtTwVe7m3R1Ad57X1bAiXuwiJKURPht7ssCfnP9fZzgayyPMyicYmv4jhpliYsCPt3SjaTJOrKr5E92v4h_tZuxBfMAWPhN8S90hZhlLk04aVVVBQUAh4GwLOLlFfgp6gHnt3aRZbj6RIIdw3kkw4g2qCH7XxFjzEDQSzGJkuln7lz56D8rARxYyu8Sr9Xy_e4hLMj87qRcJaqvJNMcFp6sJv3KSMBgbvZlKl_K6ifBEyDgw6u6TO2Jzc9dW9llGMeMgxNkeXetUSpFUwWP0OH6geuEcqXVRp88ycwrzMWR_cqPUrUi0hK_QtYZhPzgQe0b2DxzKu2j9rJ1dPfkict7AmekldFypt7HpYctvazlmTjvWvaNNNU2lOJk3UAZ90mqAQ9uE0pW0zwVryGRVd4q6yM00V5ZQmWdt4zpOldD56Y2X97sSr-v3MjPvpQXR__n-sax_xGK5qPpSfDN6Q1qAjPMiTbQv2_j9_K2qoYerNtG7zUEalyvmWJTU6T5KheGuhwcRKxJamFlXf2wph9MJgk2gGSEkf47EiVrq9t8Od91VAsD8UnuOEWNpqwt5yallVNSyHL6n18rz73ExJYZapQYHX1rmdqxfSYvggv5K4ZqOfRay8GaMpzpc9665C6-SM6IWnd7b4HdKDCDwec5D4qbBo75C-C4qml13GBuHpMuByW_VP_ONTPoaPgKnyZwF2nfXEpQ9RjCYBuoSPvTgWUYigHmYnLvaV8C3Ugsx2t7BgLpagP_Mvm36LsHTEEbpMr-tDiY_U53ug81cwY0NxynZ1y_zVC_6blNjl-PK27AuxOXJMAAg_l7BcVrFJ5i2yg1ACntlt31lRh2wOp-oH5uDfbc0DMq7D9fMd-XFdeWeYxNDM4FdBhXotJx7chZeW_Horv6aqdasp9FiSjSRvRjSntFZmkUrBqU2hd9c6vnSdYaqswn6DDCp4g63TRE3HaJjBBg3K1fxYSUCM-FBTIqbPgaARlWVK3d4Suki2ewsPerDuifVtytOxpJUdjC6_ndYt1xCOhE4LDIKYj128kJh6mOQGadnb6qCnMVYNEC6DT5AEeEt0myxnC4sgHGhbrdOZG1E6g8o-xs8oFzY0wjYkB9Z10oJrkP7NPHNSTqVWZJYZLiZb6e5eT4JDOs5LGsPla2_XTCDcyiiWW-qxt0CISJA5WlrvvmGiUkPvdMKWJQQdroEO8lKSxfvGqmlg8yIVklBkdiSP4CxA4TqNAf-8JueHPEeObl84jdxXRS33bcV_Lq1ZXsx4pcw0ks6AbtxwjLI-G2tqbkKZs77Zkx4nqvNn-C7zi7-Co_rljl5_T8H6NenQXJA68FVQSld5cvZ7S-iyipVkGC16jSyhQ7nIrSXjg2SxTpdq06Ydd2kP7ZZIcqpVIJqeSPj0IR_t6u_3JGz_uNNJkLX29CJy8Ea471Ftu-MUCHrBxsEHRW1mrQeH3WyZQwkuecVdwssJduqdRVMNlr9pe4aHNT_8wz7h0AJ2OwgOElL8Bxr5TViErHC-VrtO2EZUyOJuf2LbCMRpDFtXToneAxKkYVfxgZSISc-AB7WVxdui8p443wHajVKByl75wX1BJejWRHkuSwetamEtSuQIJr3dAAL_nD63sA-rTw12ad_m2xOB3o-lLTEJt7xRzmnv2dka9Le_avdv_rHI3q6odaxJyzhkAv5J9JAR1jvQyf3np1IGbtP-huMeAqO5E55vzdb-5kfqhCpzC7MDo76CriAHqZlJ2X7z5wFqaaEI-SBpQgWMr3MfIzm0XRf6psXuTsmRurz0oqHV06iFbQfl79t8603LeGTQiBhAZdTD8nsr4xGCiRte9vzazRurvo4NGXlzOtJm5P-CzlrpPyKQ9mt24EtLyeOVry2nLKrUcrOuItipnNNzPZck04AkQu8Dwr0ALNV531mbCQWKWIRPS7jXUPFa7KyV4Swk0otecNGmWfrjlSKywEGbTYJ0SeJsM3FiBCWtNYcAKrt_Uj7MXgCZx5FNJktTG4YGMgOOpKxuoBK8pHScA_iYMUGh5brThxDneBR6Saq4dXCJ_gzig5ZRV2z0OUB3XyY0eov1PEMlT8UAv81jWkvIx6ZegBOFZ_x6sOyPXvU5cxNOVkE5LMTG5OlaWSDsyOxvKapC0JcNSfktD0BmG0zkgRGhaY_1ZQiPTLw0q7pWmuYCburBRnwT5V_3GxSoHL--je1zz9p8l7P3jViWVBVeZ6xz4zri8Hb4lb-yPY3o8lLHJ4CkK_1Hh73sq51h_ARsuUlJx3IxcNvc8IhCiMJjqdMrgR0ed8BKGB-zHKW0mJqViR44RW6vyNqrRuvc3a8AMrH_ASztL4ChSqrvBJv0NmlY4LgFXVUNdiixIXatnO6VvmOSoCby3CXabkazdEJ8QmPi-v0MNnP4nZgIqJ148U2hcGx149h8-jRaQcCcXANC2OOu6yVLMrkWc8EpRQPvaB2-UP4IEDNKnX78XAI1mMvU3JlgIO3A91lZrDZJs-ij0Of6gaoVet0huvc6z9gTxX5m2P41b2wRdyjxv__h74nhYxb9oYFyTgCP9n_RHBx1M5AkxKJOmoy8W8gbIVr7a_nFZ0jt8y28baUY3BSxES-DsRWTZsV53gGTnJkhvTKubDxYv0d9ejYmJIjiogt3qNuBsM359tjBl6PWj4wx4Qby74j1mj7ga8R4IPJ1514sAHz1B9QMbmwt6EAv2hKE68Tovk_DvwsR9lwHDrx07DRgi4Bb8V0wTa88m7_63N6Lh0N-XlTwyfvEs1P9-5yPqj_iznYY184v8IdPNLFMsJRfs6ICuFVegA4-KNLsPwOEl9-QGu_flLDQmUvymlRmnO8qO_YOI_YwYqHBTZeC3Zqf-z8-2FMza_PGmqoOS80E72jpxJGMl8sz0OQ9NdMV2QU794zg-ZA8e5V9XXMc1Q6JPO4YZg9BwRriJrhULTSaBccEzwn2kX_C0wrv5OyCUXMJkagWUSmm1Dr6a7mrWvZzxiElsqMDM6QQ_SHwf9fy3VZbKmouYDTJonWUfNY3M51tPk_aS9dyBtm-bxE-naNOHIPFKou17_qwBZNxqE9dg_7CinIAySPJ2NYun2hw_6F4dK2Hk&cid=CAASFeRo6EgKJE4b3Ae5jL4aOgeN2wtWWA&rfl=1%2Chttps%253A%252F%252Fwww.seudinheiro.com%252F%240
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
606c4767b036b30918b5f9f0da5bdbe48210926e33e2085f6d4adf176e2a3582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35466
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F39
42 B
494 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BX5BbRuzEwaVOMn5hn7Pt3bKKeHBqD1fAJLa-N5xSKAB1Y_GBeGnTwLj70LaqyLdMZraoqRiD9AhL3sR1Zu-92hVYbibOQtyst0GvHg2sePvEidAw
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 5F39
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/907318/59567102/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:224a:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
age
13652083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
tJS_A3xu999KVfD35qPd27bNXMHoU3KKmuzYH6Rvh2Q-WLrAcPwygw==

Redirect headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 5F39
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:27:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F39
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641817384012296"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jan 2022 16:29:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 5F39
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
10427043382315408254
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:25:29 GMT
l
www.google.com/ads/measurement/ Frame 5F39
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGJIIp0ndamglusysM0PHTvzOmPlSfY1F9pKsuYbhq7OsvIRj5EEGXBq-6JDMRWYsSn3s405ajZaqXAqEygStw_zVbAw
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame F12C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jan 2022 16:29:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Jan 2022 16:29:17 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jan 2022 16:29:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuMBmv4z2U0DfvOcL84OE8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 11 Jan 2022 16:29:17 GMT
rum
dsum-sec.casalemedia.com/ Frame F12C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd2wXTmZTFtMhyVeKcRV5gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELtB2n2nu0xZGXB6523pu8o&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELtB2n2nu0xZGXB6523pu8o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jan 2022 16:29:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Jan 2022 16:29:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELtB2n2nu0xZGXB6523pu8o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F12C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJLgY28COfddy-BmvKTMLvY&google_cver=1
43 B
1001 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJLgY28COfddy-BmvKTMLvY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jan 2022 16:29:17 GMT
X-Proxy-Origin
193.27.14.36; 193.27.14.36; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
adf2b285-6b60-4745-9a63-8c6d791744a7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJLgY28COfddy-BmvKTMLvY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F12C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2Nzk5OTU0NDE0MDkzNTc1
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2Nzk5OTU0NDE0MDkzNTc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNU1b2n4SbdG6m5dMv_UxWuz8LfYer6DJnjW-XiwPuCejbIvcv2OHUNmP3EYkr99kntNctMSi0IRZnAavc2wtq9FU17igRQMu1XxFG_lZ3dMsxOoggq7mFN68GnCBHFrNvuD9t9TCw0he-Af0YDW-QPNdEEcs01xEMqu1B7PK9mDotLjQLw
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jan 2022 16:29:16 GMT
X-Proxy-Origin
193.27.14.36; 193.27.14.36; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8bf83212-d6bf-40c5-ae55-a1f129cdd0f1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2Nzk5OTU0NDE0MDkzNTc1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 5F39
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
Origin
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jan 2022 18:05:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220106/r20110914/elements/html/ Frame 5F39
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220106/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Da-7glIOkXE0sfUQV7lfvoK2YROdT5hdbvDAl0TgO6YnvYDwiCAyugu3xvLQ2I4VSqTXGy1F4etLOdUC9e3rXRa2I2o6p98mfdA81wBwanQRYe2FxCCFHKSkt2rujg98x05gTtIlOot9wmiViCm3nT1lcJww&dbm_d=AKAmf-BitbUYRts968ls_-9QtSqEhEazcGKohtmNmO_Qnvvs2_TqduuHxyxlMML4K7G0AoB35ALw0_YeAmsdXuaz_ZhIVfIj3gLsaL7WgSsvP8NCAU8vi3WmHt9_3doU-fQwzZM3gM82lqFOfzwnIngB_X-xiuF3aHFtTwVe7m3R1Ad57X1bAiXuwiJKURPht7ssCfnP9fZzgayyPMyicYmv4jhpliYsCPt3SjaTJOrKr5E92v4h_tZuxBfMAWPhN8S90hZhlLk04aVVVBQUAh4GwLOLlFfgp6gHnt3aRZbj6RIIdw3kkw4g2qCH7XxFjzEDQSzGJkuln7lz56D8rARxYyu8Sr9Xy_e4hLMj87qRcJaqvJNMcFp6sJv3KSMBgbvZlKl_K6ifBEyDgw6u6TO2Jzc9dW9llGMeMgxNkeXetUSpFUwWP0OH6geuEcqXVRp88ycwrzMWR_cqPUrUi0hK_QtYZhPzgQe0b2DxzKu2j9rJ1dPfkict7AmekldFypt7HpYctvazlmTjvWvaNNNU2lOJk3UAZ90mqAQ9uE0pW0zwVryGRVd4q6yM00V5ZQmWdt4zpOldD56Y2X97sSr-v3MjPvpQXR__n-sax_xGK5qPpSfDN6Q1qAjPMiTbQv2_j9_K2qoYerNtG7zUEalyvmWJTU6T5KheGuhwcRKxJamFlXf2wph9MJgk2gGSEkf47EiVrq9t8Od91VAsD8UnuOEWNpqwt5yallVNSyHL6n18rz73ExJYZapQYHX1rmdqxfSYvggv5K4ZqOfRay8GaMpzpc9665C6-SM6IWnd7b4HdKDCDwec5D4qbBo75C-C4qml13GBuHpMuByW_VP_ONTPoaPgKnyZwF2nfXEpQ9RjCYBuoSPvTgWUYigHmYnLvaV8C3Ugsx2t7BgLpagP_Mvm36LsHTEEbpMr-tDiY_U53ug81cwY0NxynZ1y_zVC_6blNjl-PK27AuxOXJMAAg_l7BcVrFJ5i2yg1ACntlt31lRh2wOp-oH5uDfbc0DMq7D9fMd-XFdeWeYxNDM4FdBhXotJx7chZeW_Horv6aqdasp9FiSjSRvRjSntFZmkUrBqU2hd9c6vnSdYaqswn6DDCp4g63TRE3HaJjBBg3K1fxYSUCM-FBTIqbPgaARlWVK3d4Suki2ewsPerDuifVtytOxpJUdjC6_ndYt1xCOhE4LDIKYj128kJh6mOQGadnb6qCnMVYNEC6DT5AEeEt0myxnC4sgHGhbrdOZG1E6g8o-xs8oFzY0wjYkB9Z10oJrkP7NPHNSTqVWZJYZLiZb6e5eT4JDOs5LGsPla2_XTCDcyiiWW-qxt0CISJA5WlrvvmGiUkPvdMKWJQQdroEO8lKSxfvGqmlg8yIVklBkdiSP4CxA4TqNAf-8JueHPEeObl84jdxXRS33bcV_Lq1ZXsx4pcw0ks6AbtxwjLI-G2tqbkKZs77Zkx4nqvNn-C7zi7-Co_rljl5_T8H6NenQXJA68FVQSld5cvZ7S-iyipVkGC16jSyhQ7nIrSXjg2SxTpdq06Ydd2kP7ZZIcqpVIJqeSPj0IR_t6u_3JGz_uNNJkLX29CJy8Ea471Ftu-MUCHrBxsEHRW1mrQeH3WyZQwkuecVdwssJduqdRVMNlr9pe4aHNT_8wz7h0AJ2OwgOElL8Bxr5TViErHC-VrtO2EZUyOJuf2LbCMRpDFtXToneAxKkYVfxgZSISc-AB7WVxdui8p443wHajVKByl75wX1BJejWRHkuSwetamEtSuQIJr3dAAL_nD63sA-rTw12ad_m2xOB3o-lLTEJt7xRzmnv2dka9Le_avdv_rHI3q6odaxJyzhkAv5J9JAR1jvQyf3np1IGbtP-huMeAqO5E55vzdb-5kfqhCpzC7MDo76CriAHqZlJ2X7z5wFqaaEI-SBpQgWMr3MfIzm0XRf6psXuTsmRurz0oqHV06iFbQfl79t8603LeGTQiBhAZdTD8nsr4xGCiRte9vzazRurvo4NGXlzOtJm5P-CzlrpPyKQ9mt24EtLyeOVry2nLKrUcrOuItipnNNzPZck04AkQu8Dwr0ALNV531mbCQWKWIRPS7jXUPFa7KyV4Swk0otecNGmWfrjlSKywEGbTYJ0SeJsM3FiBCWtNYcAKrt_Uj7MXgCZx5FNJktTG4YGMgOOpKxuoBK8pHScA_iYMUGh5brThxDneBR6Saq4dXCJ_gzig5ZRV2z0OUB3XyY0eov1PEMlT8UAv81jWkvIx6ZegBOFZ_x6sOyPXvU5cxNOVkE5LMTG5OlaWSDsyOxvKapC0JcNSfktD0BmG0zkgRGhaY_1ZQiPTLw0q7pWmuYCburBRnwT5V_3GxSoHL--je1zz9p8l7P3jViWVBVeZ6xz4zri8Hb4lb-yPY3o8lLHJ4CkK_1Hh73sq51h_ARsuUlJx3IxcNvc8IhCiMJjqdMrgR0ed8BKGB-zHKW0mJqViR44RW6vyNqrRuvc3a8AMrH_ASztL4ChSqrvBJv0NmlY4LgFXVUNdiixIXatnO6VvmOSoCby3CXabkazdEJ8QmPi-v0MNnP4nZgIqJ148U2hcGx149h8-jRaQcCcXANC2OOu6yVLMrkWc8EpRQPvaB2-UP4IEDNKnX78XAI1mMvU3JlgIO3A91lZrDZJs-ij0Of6gaoVet0huvc6z9gTxX5m2P41b2wRdyjxv__h74nhYxb9oYFyTgCP9n_RHBx1M5AkxKJOmoy8W8gbIVr7a_nFZ0jt8y28baUY3BSxES-DsRWTZsV53gGTnJkhvTKubDxYv0d9ejYmJIjiogt3qNuBsM359tjBl6PWj4wx4Qby74j1mj7ga8R4IPJ1514sAHz1B9QMbmwt6EAv2hKE68Tovk_DvwsR9lwHDrx07DRgi4Bb8V0wTa88m7_63N6Lh0N-XlTwyfvEs1P9-5yPqj_iznYY184v8IdPNLFMsJRfs6ICuFVegA4-KNLsPwOEl9-QGu_flLDQmUvymlRmnO8qO_YOI_YwYqHBTZeC3Zqf-z8-2FMza_PGmqoOS80E72jpxJGMl8sz0OQ9NdMV2QU794zg-ZA8e5V9XXMc1Q6JPO4YZg9BwRriJrhULTSaBccEzwn2kX_C0wrv5OyCUXMJkagWUSmm1Dr6a7mrWvZzxiElsqMDM6QQ_SHwf9fy3VZbKmouYDTJonWUfNY3M51tPk_aS9dyBtm-bxE-naNOHIPFKou17_qwBZNxqE9dg_7CinIAySPJ2NYun2hw_6F4dK2Hk&cid=CAASFeRo6EgKJE4b3Ae5jL4aOgeN2wtWWA&rfl=1%2Chttps%253A%252F%252Fwww.seudinheiro.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:27:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame 5F39
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Da-7glIOkXE0sfUQV7lfvoK2YROdT5hdbvDAl0TgO6YnvYDwiCAyugu3xvLQ2I4VSqTXGy1F4etLOdUC9e3rXRa2I2o6p98mfdA81wBwanQRYe2FxCCFHKSkt2rujg98x05gTtIlOot9wmiViCm3nT1lcJww&dbm_d=AKAmf-BitbUYRts968ls_-9QtSqEhEazcGKohtmNmO_Qnvvs2_TqduuHxyxlMML4K7G0AoB35ALw0_YeAmsdXuaz_ZhIVfIj3gLsaL7WgSsvP8NCAU8vi3WmHt9_3doU-fQwzZM3gM82lqFOfzwnIngB_X-xiuF3aHFtTwVe7m3R1Ad57X1bAiXuwiJKURPht7ssCfnP9fZzgayyPMyicYmv4jhpliYsCPt3SjaTJOrKr5E92v4h_tZuxBfMAWPhN8S90hZhlLk04aVVVBQUAh4GwLOLlFfgp6gHnt3aRZbj6RIIdw3kkw4g2qCH7XxFjzEDQSzGJkuln7lz56D8rARxYyu8Sr9Xy_e4hLMj87qRcJaqvJNMcFp6sJv3KSMBgbvZlKl_K6ifBEyDgw6u6TO2Jzc9dW9llGMeMgxNkeXetUSpFUwWP0OH6geuEcqXVRp88ycwrzMWR_cqPUrUi0hK_QtYZhPzgQe0b2DxzKu2j9rJ1dPfkict7AmekldFypt7HpYctvazlmTjvWvaNNNU2lOJk3UAZ90mqAQ9uE0pW0zwVryGRVd4q6yM00V5ZQmWdt4zpOldD56Y2X97sSr-v3MjPvpQXR__n-sax_xGK5qPpSfDN6Q1qAjPMiTbQv2_j9_K2qoYerNtG7zUEalyvmWJTU6T5KheGuhwcRKxJamFlXf2wph9MJgk2gGSEkf47EiVrq9t8Od91VAsD8UnuOEWNpqwt5yallVNSyHL6n18rz73ExJYZapQYHX1rmdqxfSYvggv5K4ZqOfRay8GaMpzpc9665C6-SM6IWnd7b4HdKDCDwec5D4qbBo75C-C4qml13GBuHpMuByW_VP_ONTPoaPgKnyZwF2nfXEpQ9RjCYBuoSPvTgWUYigHmYnLvaV8C3Ugsx2t7BgLpagP_Mvm36LsHTEEbpMr-tDiY_U53ug81cwY0NxynZ1y_zVC_6blNjl-PK27AuxOXJMAAg_l7BcVrFJ5i2yg1ACntlt31lRh2wOp-oH5uDfbc0DMq7D9fMd-XFdeWeYxNDM4FdBhXotJx7chZeW_Horv6aqdasp9FiSjSRvRjSntFZmkUrBqU2hd9c6vnSdYaqswn6DDCp4g63TRE3HaJjBBg3K1fxYSUCM-FBTIqbPgaARlWVK3d4Suki2ewsPerDuifVtytOxpJUdjC6_ndYt1xCOhE4LDIKYj128kJh6mOQGadnb6qCnMVYNEC6DT5AEeEt0myxnC4sgHGhbrdOZG1E6g8o-xs8oFzY0wjYkB9Z10oJrkP7NPHNSTqVWZJYZLiZb6e5eT4JDOs5LGsPla2_XTCDcyiiWW-qxt0CISJA5WlrvvmGiUkPvdMKWJQQdroEO8lKSxfvGqmlg8yIVklBkdiSP4CxA4TqNAf-8JueHPEeObl84jdxXRS33bcV_Lq1ZXsx4pcw0ks6AbtxwjLI-G2tqbkKZs77Zkx4nqvNn-C7zi7-Co_rljl5_T8H6NenQXJA68FVQSld5cvZ7S-iyipVkGC16jSyhQ7nIrSXjg2SxTpdq06Ydd2kP7ZZIcqpVIJqeSPj0IR_t6u_3JGz_uNNJkLX29CJy8Ea471Ftu-MUCHrBxsEHRW1mrQeH3WyZQwkuecVdwssJduqdRVMNlr9pe4aHNT_8wz7h0AJ2OwgOElL8Bxr5TViErHC-VrtO2EZUyOJuf2LbCMRpDFtXToneAxKkYVfxgZSISc-AB7WVxdui8p443wHajVKByl75wX1BJejWRHkuSwetamEtSuQIJr3dAAL_nD63sA-rTw12ad_m2xOB3o-lLTEJt7xRzmnv2dka9Le_avdv_rHI3q6odaxJyzhkAv5J9JAR1jvQyf3np1IGbtP-huMeAqO5E55vzdb-5kfqhCpzC7MDo76CriAHqZlJ2X7z5wFqaaEI-SBpQgWMr3MfIzm0XRf6psXuTsmRurz0oqHV06iFbQfl79t8603LeGTQiBhAZdTD8nsr4xGCiRte9vzazRurvo4NGXlzOtJm5P-CzlrpPyKQ9mt24EtLyeOVry2nLKrUcrOuItipnNNzPZck04AkQu8Dwr0ALNV531mbCQWKWIRPS7jXUPFa7KyV4Swk0otecNGmWfrjlSKywEGbTYJ0SeJsM3FiBCWtNYcAKrt_Uj7MXgCZx5FNJktTG4YGMgOOpKxuoBK8pHScA_iYMUGh5brThxDneBR6Saq4dXCJ_gzig5ZRV2z0OUB3XyY0eov1PEMlT8UAv81jWkvIx6ZegBOFZ_x6sOyPXvU5cxNOVkE5LMTG5OlaWSDsyOxvKapC0JcNSfktD0BmG0zkgRGhaY_1ZQiPTLw0q7pWmuYCburBRnwT5V_3GxSoHL--je1zz9p8l7P3jViWVBVeZ6xz4zri8Hb4lb-yPY3o8lLHJ4CkK_1Hh73sq51h_ARsuUlJx3IxcNvc8IhCiMJjqdMrgR0ed8BKGB-zHKW0mJqViR44RW6vyNqrRuvc3a8AMrH_ASztL4ChSqrvBJv0NmlY4LgFXVUNdiixIXatnO6VvmOSoCby3CXabkazdEJ8QmPi-v0MNnP4nZgIqJ148U2hcGx149h8-jRaQcCcXANC2OOu6yVLMrkWc8EpRQPvaB2-UP4IEDNKnX78XAI1mMvU3JlgIO3A91lZrDZJs-ij0Of6gaoVet0huvc6z9gTxX5m2P41b2wRdyjxv__h74nhYxb9oYFyTgCP9n_RHBx1M5AkxKJOmoy8W8gbIVr7a_nFZ0jt8y28baUY3BSxES-DsRWTZsV53gGTnJkhvTKubDxYv0d9ejYmJIjiogt3qNuBsM359tjBl6PWj4wx4Qby74j1mj7ga8R4IPJ1514sAHz1B9QMbmwt6EAv2hKE68Tovk_DvwsR9lwHDrx07DRgi4Bb8V0wTa88m7_63N6Lh0N-XlTwyfvEs1P9-5yPqj_iznYY184v8IdPNLFMsJRfs6ICuFVegA4-KNLsPwOEl9-QGu_flLDQmUvymlRmnO8qO_YOI_YwYqHBTZeC3Zqf-z8-2FMza_PGmqoOS80E72jpxJGMl8sz0OQ9NdMV2QU794zg-ZA8e5V9XXMc1Q6JPO4YZg9BwRriJrhULTSaBccEzwn2kX_C0wrv5OyCUXMJkagWUSmm1Dr6a7mrWvZzxiElsqMDM6QQ_SHwf9fy3VZbKmouYDTJonWUfNY3M51tPk_aS9dyBtm-bxE-naNOHIPFKou17_qwBZNxqE9dg_7CinIAySPJ2NYun2hw_6F4dK2Hk&cid=CAASFeRo6EgKJE4b3Ae5jL4aOgeN2wtWWA&rfl=1%2Chttps%253A%252F%252Fwww.seudinheiro.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 16:23:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5F39
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 11:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 11:40:23 GMT
index.html
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 8774
36 KB
6 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:17 GMT
expires
Wed, 11 Jan 2023 16:29:17 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 05 May 2021 19:27:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5F39
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYxozH0_qT9kstC2cPRYn90MHzacCIZOnTh9LJeoFun9CyyrSejcRean08Fn3AiYC2KpKgc4arA6PE17Z_dEevrNTsjn0XbmaiQLauTD6xjamcdNJAPaPF_pcLhZBJnEf6j1Gns45HeStsnbtmfnE2RvLUgUtehJHkmyeMC_jLQeuf1a-nejIrckbrytt1W0qC_VEl6jJkkB8fljr6pOJjZYmx5nyA2lB3H6PzhVqAJpUB0CgNRY6bm506PAQuke_Do8X9Z2dxn14ArIvvu2qrXPQ5tf4MMd5wx6tPc2xWhqZETKaClnXcZK_Z6Bckq0IUjV-Y2fZscXanUWcHu8pKdtQz7Q3bLNR_vZLfL70T-jE9-11dms_zIpoEQT9k9OojHh7N4GwqspdMPXQPRJ9V4Oi5R6Dj3KhvwmyZFug0o8wGM9wBpuRD2Qir-a4GleHBMxg0R3ybCS6sRwP2BcuTKq2ERslHzcqn7K3YgNCqht8il_8ZnLBsgMUX8y5x5h4-5PJX6PVWO6fyROFFlWER67bgb68FlmkqkvbcMdMIpoyEz5XpGNijVaM49646pkY8ESwM7Ucpx96uVQkaikWnR7_TejuAMn6AG9Q_slMm_Qju47E7PeReMeDJOloImy37QzC6By_S0X-1GEzWOlOSO-_xE5-ihm2bS4Qky5JuMdjVpaHwgwCdpe70eucsRbY3FLHicokov7yvJqYcknVHdmRLvj7JvOqq0kzmeRvNPYDIFvHcc5GE4hOyGOxMSlTclExhN2sUnMCkrXqDJ45e57qy4xcc_Feb9QG3ogHqy1QrJ1blO7cI7Hj4NURZRNmQu8uLB9ZeW4h7qae8xCB_2ZoosHlB5MWaMHSnzvHrdLD-1SwAZ09soKLLWd9bXYj1DKtzDoQt6ePuenRgT9Bq-a5HWNR-8LE9i96Y0yyAerdDXtLOF_oyxT781J6ups0ZHoSe-FpK3M1fyk4v3GaU3ZjhFcGebbDfmz0zIJjYJN1LjaS8vynlXdCoLhllo1M3790oN9KHeEqUiK-Vqhlqg033zDomxEt94xXhN0yZY5UrZ22a-biYdqsXmIX0hr30cARUVnPjhaMjM1rzhmg5YWKsoQ17fsyDmXltHLS8EcrECd7WFFfUw9pOcEjBAbg0iwZb6ntkXxQYZkds0ojho8hyDtCJ-_StnJb5qUPovf5L6WeQn7i7214Wf_pDpktb6pUyv3kwy5GAVA&sai=AMfl-YQ2EcyXJmpmxdeyymsI-y3VKY9QB3sxNFUbvk9Wy9ayEX10ZitRPlgxbpJVtyWhx4kOMlClVFhRxokknIuaa10lsysbaA4PVRRkJEOhlYdhezSOFXxdNEr1DWyV1vA75RHCxxduqFh5CgWpzzi-ZooUeAPFFgqUKKv8Z3I&sig=Cg0ArKJSzDYe4AHPoHUREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=63&cbvp=1&cstd=57&cisv=r20220106.81955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 11 Jan 2022 16:29:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame 5F39
43 B
1 KB
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=25742660&extPm=396917636&extCr=15577051873&gdpr=&gdpr_consent=&rnd=964030977
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Di, 11 Jan 2022 04:29:17 GMT
Server
Microsoft-IIS/8.5
Date
Tue, 11 Jan 2022 16:29:16 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
923
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
firstevent
skydeutschland.demdex.net/ Frame 5F39
Redirect Chain
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr_cons...
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr...
42 B
967 B
Image
General
Full URL
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr_consent=
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.247.1.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-1-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v026-04dc941eb.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bYTE6GW5Q7M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v026-0896d2058.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
2Pf0ZGY8RA8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=964030977&gdpr=&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 26AC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 11 Jan 2022 11:40:23 GMT
expires
Wed, 11 Jan 2023 11:40:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
17334
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
style.css
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 8774
6 KB
2 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1741
x-xss-protection
0
last-modified
Wed, 05 May 2021 19:27:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 20:02:00 GMT
Enabler_01_244.js
s0.2mdn.net/879366/ Frame 8774
109 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jan 2022 10:38:27 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 8774
59 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
511201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21678
timing-allow-origin
*
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2ctdetWWD9sXSarMVnnrE3Xqho8L%2FLSU2Wt2Spa9uyvgRIKv%2BlCxgMFqQdCsX8%2FBoxHwB245sQ9NrpObkYF1eL35AzyNGw2n%2BjXhCb239Gr%2B7O03ZrfCUYrl86dUjv0hfRYlhL33W1Ea4ckeuFK2IxW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cbf85e63eb8e8ff-MXP
expires
Sun, 01 Jan 2023 16:29:17 GMT
5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
pagead2.googlesyndication.com/bg/ Frame 26AC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13512
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 16:08:02 GMT
req
cdn.navdmp.com/
6 B
59 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=9&id=1008326e216425a727648f39ea10%7C0&acc=60657&tit=Seu%2520Dinheiro%2520-%2520Invista%2520com%2520Intelig%25EAncia&url=https%253A%2F%2Fwww.seudinheiro.com%2F&upd=1&new=1&h1=Seu%2520Dinheiro
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cbf85e65f253754-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=68856999457
  • https://sync2.navdmp.com/sync?prtid=2&id=68856999457&google_gid=CAESED9HtnWO7YYEWZDgtBEoPqk&google_cver=1
6 B
59 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=68856999457&google_gid=CAESED9HtnWO7YYEWZDgtBEoPqk&google_cver=1
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cbf85e6b8323754-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=68856999457&google_gid=CAESED9HtnWO7YYEWZDgtBEoPqk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=3c0661dd-b05c-4800-a326-1e96b125a019
43 B
131 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=3c0661dd-b05c-4800-a326-1e96b125a019
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6cbf85e7399f3754-MXP
content-length
43

Redirect headers

Date
Tue, 11 Jan 2022 16:29:17 GMT
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.navdmp.com/sync?img=1&mdia=3c0661dd-b05c-4800-a326-1e96b125a019
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 11 Jan 2022 16:29:16 GMT
cms
cms.analytics.yahoo.com/
0
0
Image
General
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 8774
6 KB
4 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
076b9d0c15b450ab8da2ae6f2655743fb07ce38725eaf5d9de4212b50e71574a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4482
x-xss-protection
0
skyLogo_300x250_2020.png_1621952972643_skyLogo_300x250_2020.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 8774
9 KB
9 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/skyLogo_300x250_2020.png_1621952972643_skyLogo_300x250_2020.png
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2544f04aed16a754b4c8198ae0cf980587519e858da56360dac423739b4bc504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:15:29 GMT
x-content-type-options
nosniff
age
537228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9410
x-xss-protection
0
last-modified
Tue, 25 May 2021 14:29:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 11:15:29 GMT
blank.png_1621952972643_blank.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 8774
95 B
120 B
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952972643_blank.png
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 23:26:59 GMT
x-content-type-options
nosniff
age
579738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 25 May 2021 14:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 23:26:59 GMT
DCO_Residential_300x250_Day-of-the-Dead_1.jpg_1633702098784_DCO_Residential_300x250_Day-of-the-Dead_1.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 8774
52 KB
52 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_Day-of-the-Dead_1.jpg_1633702098784_DCO_Residential_300x250_Day-of-the-Dead_1.jpg
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ab3b98827076ce11d098f82508ca106ddb414afff1aad7a9b7623da87f73efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 23:00:14 GMT
x-content-type-options
nosniff
age
494943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53082
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 14:08:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 23:00:14 GMT
DCO_Residential_300x250_Day-of-the-Dead_2.jpg_1633702098784_DCO_Residential_300x250_Day-of-the-Dead_2.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 8774
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_Day-of-the-Dead_2.jpg_1633702098784_DCO_Residential_300x250_Day-of-the-Dead_2.jpg
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c0d0ace1b408eff419bb5a98fc61e50ca677717bf282a127c546126b444c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 06:29:58 GMT
x-content-type-options
nosniff
age
381559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14751
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 14:08:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 06:29:58 GMT
DCO_Residential_300x250_ENT_3.jpg_1636446921292_DCO_Residential_300x250_ENT_3.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 8774
12 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_ENT_3.jpg_1636446921292_DCO_Residential_300x250_ENT_3.jpg
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
641bca88422740f13999ce1981479716803ea7bbef797071bc213b349160503c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=lXy6hieywb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 00:17:56 GMT
x-content-type-options
nosniff
age
490281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12794
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 08:35:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 00:17:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5F39
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYxozH0_qT9kstC2cPRYn90MHzacCIZOnTh9LJeoFun9CyyrSejcRean08Fn3AiYC2KpKgc4arA6PE17Z_dEevrNTsjn0XbmaiQLauTD6xjamcdNJAPaPF_pcLhZBJnEf6j1Gns45HeStsnbtmfnE2RvLUgUtehJHkmyeMC_jLQeuf1a-nejIrckbrytt1W0qC_VEl6jJkkB8fljr6pOJjZYmx5nyA2lB3H6PzhVqAJpUB0CgNRY6bm506PAQuke_Do8X9Z2dxn14ArIvvu2qrXPQ5tf4MMd5wx6tPc2xWhqZETKaClnXcZK_Z6Bckq0IUjV-Y2fZscXanUWcHu8pKdtQz7Q3bLNR_vZLfL70T-jE9-11dms_zIpoEQT9k9OojHh7N4GwqspdMPXQPRJ9V4Oi5R6Dj3KhvwmyZFug0o8wGM9wBpuRD2Qir-a4GleHBMxg0R3ybCS6sRwP2BcuTKq2ERslHzcqn7K3YgNCqht8il_8ZnLBsgMUX8y5x5h4-5PJX6PVWO6fyROFFlWER67bgb68FlmkqkvbcMdMIpoyEz5XpGNijVaM49646pkY8ESwM7Ucpx96uVQkaikWnR7_TejuAMn6AG9Q_slMm_Qju47E7PeReMeDJOloImy37QzC6By_S0X-1GEzWOlOSO-_xE5-ihm2bS4Qky5JuMdjVpaHwgwCdpe70eucsRbY3FLHicokov7yvJqYcknVHdmRLvj7JvOqq0kzmeRvNPYDIFvHcc5GE4hOyGOxMSlTclExhN2sUnMCkrXqDJ45e57qy4xcc_Feb9QG3ogHqy1QrJ1blO7cI7Hj4NURZRNmQu8uLB9ZeW4h7qae8xCB_2ZoosHlB5MWaMHSnzvHrdLD-1SwAZ09soKLLWd9bXYj1DKtzDoQt6ePuenRgT9Bq-a5HWNR-8LE9i96Y0yyAerdDXtLOF_oyxT781J6ups0ZHoSe-FpK3M1fyk4v3GaU3ZjhFcGebbDfmz0zIJjYJN1LjaS8vynlXdCoLhllo1M3790oN9KHeEqUiK-Vqhlqg033zDomxEt94xXhN0yZY5UrZ22a-biYdqsXmIX0hr30cARUVnPjhaMjM1rzhmg5YWKsoQ17fsyDmXltHLS8EcrECd7WFFfUw9pOcEjBAbg0iwZb6ntkXxQYZkds0ojho8hyDtCJ-_StnJb5qUPovf5L6WeQn7i7214Wf_pDpktb6pUyv3kwy5GAVA&sai=AMfl-YQ2EcyXJmpmxdeyymsI-y3VKY9QB3sxNFUbvk9Wy9ayEX10ZitRPlgxbpJVtyWhx4kOMlClVFhRxokknIuaa10lsysbaA4PVRRkJEOhlYdhezSOFXxdNEr1DWyV1vA75RHCxxduqFh5CgWpzzi-ZooUeAPFFgqUKKv8Z3I&sig=Cg0ArKJSzDYe4AHPoHUREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&vt=11&dtpt=151&dett=3&cstd=57&cisv=r20220106.81955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.seudinheiro.com
URL: https://www.seudinheiro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 8774
27 KB
27 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:28:53 GMT
x-content-type-options
nosniff
age
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27952
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 12:38:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jan 2022 16:43:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8774
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jan 2022 16:29:17 GMT
/
opi.navdmp.com/
32 B
225 B
Fetch
General
Full URL
https://opi.navdmp.com/?v=7&url=https://www.seudinheiro.com/&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ea25cee1fcf0fb26860b30e5e2b5000ada288de4373c8e388cdf9caa6b7954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
6cbf85e72d6e83a8-MXP
content-length
32
req
cdn.navdmp.com/
6 B
78 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&id=10083243b6f378b8cff3506b1e10%7C0&acc=45300&tit=Seu%2520Dinheiro%2520-%2520Invista%2520com%2520Intelig%25EAncia&url=https%253A%2F%2Fwww.seudinheiro.com%2F&upd=1&new=1&h1=Seu%2520Dinheiro
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cbf85e6c8513754-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
pagead2.googlesyndication.com/bg/ Frame 7DB0
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13512
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 16:08:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26AC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH_VMXLDdYYKsN7mBx_AP3tmGwAMAAAAAOAHgBAI&bg=!Pj2lPXnNAAbDtiZlw7Y7ACkAdvg8Wp9iam3R8szM-10e-bbzn1UgYdHWG68HsNCphpssHxx9JM1cuQIAAACLUgAAABRoAQcKADBfYIC8Q4wJAR1jjJvGFbWaUSv6YqiYqjVuM5SFc9PXalZCCX96TDRpGUuad6SzSvqZAts1Fefl8aDrQEk7ExMFpVkNND6zrw0ZYYpPEtq_05Gp68KQrZ3DYtQXWXxtUIzxQNWqzlPi5n3qA9GUQp036euZ_UZ4Wf6MaNTQrMhHMNIbKo6Nss7OLteo2fhCSK03H_5pxIYwBS6VUUEMo1no8xrwYz3W8_pX2pf1H1u4aeX7Uc51l08ILMzd-7v7iFhqtp8Vkkn_sHY5KQQuT4zo1QYUcrhwBRZ1tdvvfY4XR6gGp3bEyp6GN7weNyqKWIQ5_ZxfjmwaV_o3QSpNjKjmpVFfTOkHTrJjS273ExbKUXM8fA311mp3vopevTHmpYu6KFK9FRJqYuAUfgQgRuZtasISDj3vQaHF8AUhUu5mp63xoK_8n84nOJMeOKZVoVa_GuEeKwHwWTMH5RfEe_XeAjqV5ylUvnUaC_ImPndjlu6O-vV1BSYO0XpKKkaDIrWAQ9MLPeqd-iz1TZEue395jXkTIQbHf3B4CtPk2fdchU8GZ0KXdnD7RuXYmm9eJZJKd1NYO09punKdrtmnbhlwnv5RbxVQhNH7FSewmODhY-cliFTf9TzPrFG1MUfIiuSZsOjuoXSdS8HI9aWUDRDyBFuk4qmwDuGu8DR18EqRpW4txkQoBIQxWfjlGbNZY00Ga2MUZ4Uzw3mcszfYzrlhQuthoay8CEPBkTqRYWedIgrTJHmJaDw4sG-uXpVcRxUpxnrGINVVT8YFkmHST9s9bSLjGya2mlILuhcRx8Z614A8KnKyQ4H1--kyUrFg6td-HZYD11XrGkLYkSXenJtMAWxq-LDI1Wr-46MvikieRnIOk3KMI8weZrj8hBVNuKq5IKSDWB1usSUG5tgg1W0jYhvaLQhstwM5U-R0eoQqqbKcaYbHXG3KUpadixbpyyl2ZGsh8q5HSrQDxe1jC3oOHcDtBM-ydO_mkrm0r-TPGfyxn6awImfUZe6yXg8Msqf7fbgYb8z5QOob45mTEA
Requested by
Host: 2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
URL: https://2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watson
opi.navdmp.com/
83 B
149 B
Fetch
General
Full URL
https://opi.navdmp.com/watson?&url=https://www.seudinheiro.com/
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f28f182aa5467db034384a4a4dfe77b3c27ce8ccc58ba8ebc46368008036405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:17 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
6cbf85e9acdb83a8-MXP
view
securepubads.g.doubleclick.net/pcs/ Frame 8DC0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst97nAkDZx68WU-X4D0zH2NcY1inVxHyzbsobjQd96aTCUIVXD4TvvCeW5eSzwPtdquCxMBUVSKC5aRGDAyHQu9p7Wr9aXgISq2NQJpkYMYx4eWHWT8rcmLDTXTorvPurdVL8C8RfPHxoZNlnGfxZHDdR-qrXb6T4pkS2_2qPAeqEGtm-hvROhAZd3uRaWJTjvWqVaszKuy1lfPE5SjzDLePGkcQvvmBgm2dk1NRsUvI_4S5TwHleLEb-nvcWqJ8O7hA50v2zQ6yz6e-CSCscuZdtJ_ynPZdEfnvtznrlt1ZC7xoxgmni3jY3yT&sai=AMfl-YSn2GXy8x1z2saMwKU6TJg3-o8dWnK_jFcCYPpVTIdvbQTNJYBhVjEc6oINUfqpkUez0nAh1dQaqhOiLTSKLLp7Mrngk3DLne19AGF3LFfb7czMeh2eKe-BassfLVs&sig=Cg0ArKJSzFOx3z-qK04LEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 11 Jan 2022 16:29:18 GMT
truncated
/ Frame 8DC0
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54d69ed33e894e65040ada3625641a534fca2f7432d9bc5a4c503c73ae8cea52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5F39
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32ab99f963aa69700464ca78566d8627493496187de226657ae032b68789cfba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 8774
33 KB
33 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:22:13 GMT
x-content-type-options
nosniff
age
425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33980
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 12:38:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jan 2022 16:37:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3B15
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstev1XcCbQIIpFSCHSUAfH8M_rIbUEEeciXMCYm8aX0oThsM0cW5Um7zIoF99hSg1IUdFVrN7n-z4FLpy0Bgk3ThoFOZNV-JimptX_4RaA1rD-Sts_8MHZp_AGEp2NBQ3oEQRdmJxh4hKqImwHBoKCwDv1w3__P8i4Kw403WiQofoi2voxDvB0pKLLd84Dq-m_zhCVE8rf6QVu1TvhygzyRBwEBT1h02BqlUo5G2En6GoWslynQA5uAn2BX99wCUIgfJsozV6-k6CkcJuekOEw1Nprt5VCipH6xwkRQnFdUzIrvNx-YJLKEfxE&sai=AMfl-YRP785pfO7aIk6eMNB4rpV48yRszZnQ_hF7_jppAXW0GCL82Lx0ijusGMSe-kr5OQe5F-4P7-US8OGEJepK51XFLQcex-FWIXAqPve7zG79k_i2bWWLrfOrwCQAx38&sig=Cg0ArKJSzHQrMt6VA4waEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr04s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 11 Jan 2022 16:29:18 GMT
truncated
/ Frame 3B15
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71334c71f1d9e4e40ddf7f8358bad2650c45299d65cfea4bdf3d4f1aca44058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14c8f7e0d5055b93fe89a0f0b136a04d14ee2729ede637b2913196888069843b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 11 Jan 2022 16:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8709
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=892099694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&ul=en-us&de=UTF-8&dt=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAQCAC~&jid=133656784&gjid=1786815428&cid=447015613.1641918556&tid=UA-122683633-13&_gid=417567279.1641918556&_r=1&gtm=2wg1505C57NQ4&z=409115211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.seudinheiro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.seudinheiro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=892099694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.seudinheiro.com%2F&ul=en-us&de=UTF-8&dt=Seu%20Dinheiro%20-%20Invista%20com%20Intelig%C3%AAncia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAQCAC~&jid=&gjid=&cid=447015613.1641918556&tid=UA-124062040-1&_gid=417567279.1641918556&gtm=2wg1505C57NQ4&cd3=&cd4=Seu%20Dinheiro&cd5=An%C3%A1lise&cd9=&z=1363367833
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 15:27:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3719
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/32345291/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:14:20 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
BdG4VhNaTDfMqqMm2ZoaX-uMBa9tJurWROxTaIS24EqaIOWsoaHMYQ==

Redirect headers

date
Tue, 11 Jan 2022 16:29:18 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
kj4rkhBd2WzQD899g6e8HdjBaNVL1G7uX903rld8Mv-eH9jrcwcSww==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jan 2022 16:29:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 75E5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Tue, 11 Jan 2022 16:27:08 GMT
expires
Wed, 11 Jan 2023 16:27:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 81B8
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98c456457661ee8e2479152f8c7acf080fde509eda95e83b74da3da6d888ba32
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uhv/bHhpQNtCauPm0QVu+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 11 Jan 2022 16:29:18 GMT
date
Tue, 11 Jan 2022 16:29:18 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Uhv/bHhpQNtCauPm0QVu+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
pagead2.googlesyndication.com/bg/ Frame 75E5
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13512
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 16:08:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81B8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=3858594681947122&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 75E5
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?uYVF9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:29:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=3858594681947122&bg=!Pj2lPXnNAAbDtiZlw7Y7ACkAdvg8WhXImwUcCk8foBt-GhklqxFTU1oKr7HXCCthkMKoJMA6191yRgIAAABVUgAAAAtoAQcKAECIZI6w4oBSt7Ty1J8Lwes7bJVy-FpPILJSn9IRlHeTCUq6ZvfaHT6Xsxh1bAmKyrGmIW7ON4FbnB3vaJNbGNGWmQKaaIopFyICLpQ_Lk734i6FPBT_v0wZbr0Qu8Oa5yQlHLvNnCCOoL2qiV_AOZciU4-6qxgo7N3rNBFnhTjbu7gIly9PIgYDZ0rSEC_rQRahyHbD0sVPr_Ho1Vsc0Rg4GnvAUI_a1xoFUghZwNMg6VW0NlB7cCxajIbzSOgaLhdEb1n9n1ZlnQ9GGYVFN1IQkTuhX8cFvCjU00Qc_Ldfc0MlF7ytNaV0QAml4WuUNc-xzWHFRSI3-cYZnlwxxj0bn5tYfZg9iAtKiqbkSq2R9nJOmaFn0t0iRjNVNVT9k14IflO9lAG7fhVfVKdv-tnJ74v0HK-426WcYCgsW0ZE6q0ODrhKAAxSXFLFlUvOq5FKAIpWCgmpUYXNdvXESj_R0tlbmdpEDG4RtMCBWch6RYFxs1OpW1yXgcQIr3GTNU7AJ0vyT2Cx7mf8cGSUU13RTCSwQTS5t9Uo_c6D0F10CEvUiNpQORWz9Of40OL00jeA-ti9dfnpFYJbQu_Ic8Qt1UdzZPdz2vn73WfCZlhHBcZSAYMj-QfqYTAhhevXHwoHi5CDhuu1zcwKGqe-uc8rdGCEJ4BPVCnNCIXLSbbZjC5PGpyIX_nxLQYjhlvtj5z9wTpxIQdVYEoVC3z5xjGqmAOWhz-gb3itnUPlAt_RUDCe3eDPJk1HjmcVAvmMNcjX_u7qDPA9KxRLpjYSp8syI2EhPB1CaoZBGd9gGrDfv4cspX6zN9nVg8APVWRABGZuR2Ky5_iNB9Tx4VHgWFXkmy9jT0tNiyCPmxhvgkNHbYtHSrlT_PtWNJnjArrTIaq3S5nTb1gp1nYmDuVJE0CPkYTaMrn7E0a6WZpYY1fm6-OBfJM_YQBMEpqTeYQ7UP6T_lJcQlTlzEGuU5N8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DC0
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss93p0HtSAl2Ar_0MQcXRL9p6eIuEGuCHVeNpitg2zfRdQeYrWMx4XgL_g_QMTo8lEKj-Ii_rL-a2aRRwjhTJt093I4TnchM77EbLZcwqLaqqhRHbkt&sig=Cg0ArKJSzCjaqDOWS2ldEAE&id=lidar2&mcvt=1000&p=77,1199,137,1319&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3327497198&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641918556838&rpt=1252&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B15
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTjWTS_a35BfLpH_zHgTiyq4hZhWbTYPz2G0E73Qz5QA7mllwRltFooswBPK5s8wlLJ2v1DgcY3kOYnSpGZaBOxroRKw0soPDy6HoWm3vYCQt-VlcK&sig=Cg0ArKJSzAxKU9WB0bV1EAE&id=lidar2&mcvt=1000&p=177,315,427,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2115532110&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641918556849&rpt=1541&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.seudinheiro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 16:29:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onsecuritypolicyviolation object| onslotchange object| sd_bannersize_desktop_topo object| sd_bannersize_desktop_lateraldireita_cima object| sd_bannersize_desktop_lateraldireita_embaixo object| sd_bannersize_desktop_infeed1 object| sd_bannersize_desktop_infeed2 object| sd_bannersize_desktop_infeed3 object| sd_bannersize_desktop_inarticle_1 object| sd_bannersize_desktop_inarticle_2 object| sd_bannersize_desktop_inarticle_5 object| sd_bannersize_mobile_topo object| sd_bannersize_mobile_infeed1 object| sd_bannersize_mobile_infeed2 object| sd_bannersize_mobile_infeed3 object| sd_bannersize_mobile_inarticle_3 object| sd_bannersize_mobile_inarticle_4 object| sd_bannersize_mobile_inarticle_5 object| sd_bannersize_mobile_bottom function| getEmpCookie string| x undefined| post_category_names string| post_category_slugs undefined| post_column undefined| post_column_slug string| post_author string| post_author_slug undefined| post_category_primary object| cookie_emp_seg object| cookie_emp_u string| post_id string| post_classificacao function| checkMobile object| dataLayer object| googletag function| advanced_ads_ready object| sgr_main function| sgr_2 function| sgr_3 object| ggeac object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Waypoint number| j function| next function| prev function| indicator function| dot function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded function| _extends function| _typeof function| LazyLoad object| WaveSurfer string| authSessionEnv object| authSessionPremium function| checkLoginPremium object| session object| local function| validar string| o object| a object| b function| Navegg object| naveggReady object| nvg45300 function| hj object| _hjSettings object| nvg60657 function| fbq function| _fbq object| gaplugins object| mcwidget function| getSize function| Flickity function| Unipointer function| Unidragger string| waypointContextKey boolean| hasSelectiveRefresh object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| Cookies function| OneSignal function| OptinMonsterApp boolean| om_loaded object| om24256_33651 boolean| _omvisitsadded function| omq number| __oneSignalSdkLoadCount function| __jp0 object| gaGlobal object| gaData object| _omapp object| omvzexhmv8wcnywbqij9at object| omlf2sgzbq9ap93bocqa5p object| ompyqglczozzmtnc4k6b9b object| ompzuynl4wnvgcmodoxrd2 object| omwiz68zuvtuhjocgsbphk object| omcqwyrrenfwzybarj845l function| nvgGetSegment function| ltgc object| regeneratorRuntime object| MC_PIXEL object| MC function| moment object| WebFont object| google_optimize undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ampInaboxIframes object| ampInaboxPendingMessages function| setCookie function| getCookie function| makeRecLogic function| setEMPUCookie function| setRECCookie undefined| gaUserId undefined| partner undefined| getHashURL function| setCookiePolicy function| initCookiePolicy function| getTermAcceptByUser object| apiURL function| checkCookie function| getParameterByName function| setUserUID function| getToken function| saveCookies function| sendIDtoAnalytics function| getHash object| GoogleGcLKhOms object| google_image_requests

36 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 14SIUFYH0FOW41MNQOETZLg1641918555
www.seudinheiro.com/ Name: _omappvp
Value: h1HKSfECuHJDajQi4jtkSL46gD3c1HYLaMRIFITIaMFAbIl3TJvWVKXMwrmP3TTF2SHSZJs2kCmhpapbotr0HhqVJMgJUzub
www.seudinheiro.com/ Name: _omappvs
Value: 1641918555550
.seudinheiro.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.seudinheiro.com/ Name: _ga
Value: GA1.2.447015613.1641918556
.seudinheiro.com/ Name: _gid
Value: GA1.2.417567279.1641918556
.navdmp.com/ Name: ac3
Value: 1
vip.seudinheiro.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlA1bHljS0lZOU01VkZFWXk1QkFYRlE9PSIsInZhbHVlIjoiNnpLZ3l2RDFUSGpSWHVTQmZJOUI2MkNxUTBqbFcxb3VnMCt0czBlYVVOT0xRckQyeFREa29OQ3Z1OWJnV0dTSiIsIm1hYyI6IjViNmMzZTFjNTk1YzFlZWQyM2ExOWZmOTg3ZDMwNGU1MTRhZmRmNDZiZTgwZTEwN2Y4OWM2YTJiNmE5MzExYTUifQ%3D%3D
vip.seudinheiro.com/ Name: seu_dinheiro_premium_session
Value: eyJpdiI6ImN2b2dEU0R3OWFTMDlzbitndWd0VEE9PSIsInZhbHVlIjoiWkp1MGNaQ3krS0x2eGRnQ3Z6bEN0RzdzbUlIRDNIVFI5Yys2cGdnZ0xoSlFjald6UlpmQmI0VEE2SG9FZnFGWSIsIm1hYyI6IjJhODgwYzJlNTc3ZTFhNjVlZGNjNjNjNzEwYzg1ZDExY2E4NTMzOWI5YWQ3Yjk0ZWIxNmEwYzNmMjJlNjZjZjUifQ%3D%3D
.seudinheiro.com/ Name: _fbp
Value: fb.1.1641918555875.41916378
.facebook.com/ Name: fr
Value: 0hqwK27uFVuBFt5fS..Bh3bBb...1.0.Bh3bBb.
.seudinheiro.com/ Name: _gaexp
Value: GAX1.2.UCZy-RPZT_yLO0Dg0lQ2CA.19071.5
.seudinheiro.com/ Name: _gat_UA-124062040-1
Value: 1
.seudinheiro.com/ Name: _hjSessionUser_1784586
Value: eyJpZCI6ImQyYzY4ZTQ5LWYzZGQtNTM3Mi05MjFkLTI2Y2Y2ZjhiODY3NSIsImNyZWF0ZWQiOjE2NDE5MTg1NTU4MTMsImV4aXN0aW5nIjpmYWxzZX0=
.seudinheiro.com/ Name: _hjFirstSeen
Value: 1
.seudinheiro.com/ Name: _hjSession_1784586
Value: eyJpZCI6ImQ1YTA5YTlkLWM5MjAtNDNjOS04Y2E3LTZlZjNmNDU5NzE5MiIsImNyZWF0ZWQiOjE2NDE5MTg1NTYxMTMsImluU2FtcGxlIjpmYWxzZX0=
.seudinheiro.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.seudinheiro.com/ Name: __gads
Value: ID=071edc8096a0fec5-22a550a0e7ce0049:T=1641918556:S=ALNI_MYGB1kEq_0_6FnGyntIA-885eS6ZQ
.adnxs.com/ Name: uuid2
Value: 216799954414093575
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVRn:pj+!]tbPl1M>e)ZlrFUfJ+tGXxp.>S<m!OxU<7<pTvd?k<#MPu)X[YvpipmypyR*bpRz*qF1`*b`2c*>xTL
.casalemedia.com/ Name: CMPS
Value: 3235
.doubleclick.net/ Name: IDE
Value: AHWqTUnaEahdXteHpPqs7lEZPkvHZwnWOCTqOy3fhZPKdGETfavG0kY4vuh7XPt-WKM
.casalemedia.com/ Name: CMST
Value: Yd2wXWHdsF0A
.casalemedia.com/ Name: CMID
Value: Yd2wXWchl02OOOXJYfdEDgAA
.casalemedia.com/ Name: CMPRO
Value: 1196
.seudinheiro.com/ Name: nvg60657
Value: 1008326e216425a727648f39ea10|0_12
m.exactag.com/ Name: exactag_new_gk
Value: cc798226bf7048ddbc1005409acf2581%7c12.03.2022+16%3a29%3a16
m.exactag.com/ Name: exactag_new_uk
Value: 9d84c858260d49e3a849ae2ee8dc5e79%7c
m.exactag.com/ Name: session_session
Value: c67b81ea89514c5c99354d8e
.casalemedia.com/ Name: CMRUM3
Value: 2d61ddb05d2760CAESELtB2n2nu0xZGXB6523pu8o
.demdex.net/ Name: demdex
Value: 13061660461556230900899746788927997040
.navdmp.com/ Name: nid
Value: 10083243b6ab69e68ade17f4b010|0|41
.seudinheiro.com/ Name: nvg45300
Value: 10083243b6f378b8cff3506b1e10|2_12
.skydeutschland.demdex.net/ Name: skydeutschland
Value: 13061660461556230900899746788927997040
.mathtag.com/ Name: uuid
Value: 3c0661dd-b05c-4800-a326-1e96b125a019
.seudinheiro.com/ Name: _gat_UA-122683633-13
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://vip.seudinheiro.com/api/v1/user
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f72ee9fd77f43e4f81c2d8c23b11ee0.safeframe.googlesyndication.com
a.omappapi.com
a.optmnstr.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.omappapi.com
assets.seudinheiro.com
cdn.navdmp.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.exactag.com
manychat.com
mccdn.me
media.moneytimes.com.br
media.seudinheiro.com
onesignal.com
opi.navdmp.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.mathtag.com
s.tradingview.com
s0.2mdn.net
s3.tradingview.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
seudinheiro.com
skydeutschland.demdex.net
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
usr.navdmp.com
vars.hotjar.com
vip.seudinheiro.com
widget.manychat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.seudinheiro.com
142.250.181.66
142.250.181.98
142.250.184.194
142.250.185.194
143.204.98.123
143.204.98.33
143.204.98.69
143.204.98.70
143.204.98.76
143.204.98.82
18.185.191.84
18.66.248.64
2.18.233.201
2.18.234.21
212.82.100.182
213.202.235.8
2600:9000:224a:6c00:8:48e:53c0:93a1
2606:4700:10::6816:149c
2606:4700:10::6816:159c
2606:4700:10::ac43:1ff6
2606:4700:20::681a:f87
2606:4700::6810:135e
2606:4700::6810:bf3
2606:4700::6810:ff3
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:803::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9a
2a00:1450:4019:80a::2002
2a00:1450:4019:80c::2002
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.248.66.137
34.247.1.155
37.252.173.62
89.187.169.47
0294b004dbddf65b40aadf81a0b2881976915da8786a8ed1d12bf31e524445b0
0304a54cfca254a0819392b7706f5e3ed053b7b0296a215045bc434ef0dd7c8b
04e091479f49fb8ee3bfefd6707addfd16402568a1d0134655b68461469bcbe1
058628b0168abb04fed9e6c651700db06761c022950a2209c9d7ade66eac330b
0760d239c2372a001017ede7d7657f513435a4e4ee0d8e0e1f77ae000c438d06
076b9d0c15b450ab8da2ae6f2655743fb07ce38725eaf5d9de4212b50e71574a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4ff2f9ed3b0a32dd5ab950b96fa89746e6fd7ccf1cc2f47db3b85d0f7c5a33
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c820d2c6487e2a1b7363223e321dab694736d2380acdc52cafcf70a9d53cd9e
0e798efc7f3531f20fbe5a956a66bc0bf311ec557d398b6dec200d1f7fa538cb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14c52b4f1daa1aa3a92d960a311d4518da07e80b7b1a443d3f1a55c0968c99a0
14c8f7e0d5055b93fe89a0f0b136a04d14ee2729ede637b2913196888069843b
156a6dfd9a25b183d6af4d65dac0c62fc0b35881354908eabb5b162c2ba8514f
15ab2ac571d4f4d6053452253252cc8412177b83a8d22de0bbe95a9e1cc69a37
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
1a61bca7f6b95fef677a552389533a66cb61b65f80e0dc8dfb1a4f2a10465a06
1ff53841c0fa1f54816990b7b05c0c5f304962877aff4723626e6b1dd9be7b94
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2063e60bd2835e246d0e7f2021f2642954ea0adea69f2bce1e8f9241b8e368a5
209ca4300e76131524a0c2232d16799327cc4ad9736dba93b1cf5f19079d2d6a
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
211ad865da55bab52f93a8829e3417e664e7f214c11ef4faf0fb817fb2806554
23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5
2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f
248dca92d8ab560231ecc9d7db9e67c1428bd4a16d2b1bd1081c4f6979914a02
2544f04aed16a754b4c8198ae0cf980587519e858da56360dac423739b4bc504
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2925dd157f5d88937d72985a22604c28692380777b45aaf9723fef3e75af5902
2b12b4e362a8d3e50339937532a858037157683e95467201295019b3401d80ac
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d807129c75690c36ab910977bafeefd72ce9852f918428632fcc20c5200bcbe
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
305807aa484720ceac72f208c3b400b0525e872d5e13acfa2f3300ca286fc519
313c4a06d3d2247e07c444cec75c1c30e2d318579c63fde48283ebae43da93f5
32ab99f963aa69700464ca78566d8627493496187de226657ae032b68789cfba
3574b54f3950ee22495b61185a9e6b1cc938de223868956f5c68dd4c973201be
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
39cd77afa861423019ee3a8ebdba091f81ceefb42af068be7bf34793c2dd035c
3e5abd97d8cc264231d8f5fd45ac7402480dcc55e9682dd853f5c594be4c6051
3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
42351927db354ad1c0d9106f3beefe52a6cc4107f4b9beff198b1ed848ddb234
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
4428b1bf076a26f6d0e815c05cc87879e4f16b3c5adf545a7c23a8331d17a34d
4679ff7a84b1674e7c614381f8eca35a11840eb60a36d9d6db1f89287c6bb90a
46dc06d2408461cb9a8ed7dbe6d325e356405b804e04f0a8d65c3133742bb96b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfad1cafd8bbf21fc7673d0ccdbd39cd60b7b0c91e412d55562f814bae14b7b
4e4510e468b287bd7dde2f04e6a2e9647b612662afedc3d79db599c7920f3b8c
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
5338015d65231fb86a36a6b85c901cb52a2e1e547fdd8ba9ae2e7ebbd145850c
535ef04f4353e89800c836432e1179de4aa588884cca96fede27ed230e7cf431
54d69ed33e894e65040ada3625641a534fca2f7432d9bc5a4c503c73ae8cea52
559c50de58d4dd94b8f5fdb6cc900934ec2f2e5238cdde24b0d65906434ed464
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bd274db8b8482bb0db8a971516f0329571c72344a7e797cfaeb6abc2d997e4
5ab3b98827076ce11d098f82508ca106ddb414afff1aad7a9b7623da87f73efe
606c4767b036b30918b5f9f0da5bdbe48210926e33e2085f6d4adf176e2a3582
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634e860a3613da7e7f24e597339df343e3677f65b6372c9702a87212748e0cf8
641bca88422740f13999ce1981479716803ea7bbef797071bc213b349160503c
69ba4de926f0b21f94ddc69dece57ae5759dc9b39dfe8a36f47f9f6abd59e9cb
69ec4cb41f2c67481138f3a18cdbfd51eb9a3b1ea69d305398a15d28db45df6f
6b018739ef4f1b0be1f3e6ca9d792aaf247180223f27534fb06c9614b7ddfd48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
70dd390dbbffd306539aabdfd281cfebf3a07b3283203938fae8fb9acc0a6211
70e251cef7745d403ec04d217519643dc1621b582fa665c77ab31712b86ae54c
71c93b27fc58b35a9f9318e4e6c56ba26b39e99e798ec541ace7930d99e2ce3a
71fdab19083f42e11943aa7798c413fc982d7d0d410c6857bb1c594153107597
73696ced3fab5787cf9afbf934f042cfc3028da3bfc6a1c03b02747bf2845362
7559615293c2678dc215cb8e3d0bc7221e5563f54cb2c8b45e2cfc655e241c59
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
76c872d965be2abcf146816d5b22be11c1af858d24780bfc14d4ecf6bb7ff544
77012fd176bbb2745e2a40914d9b2eb5a799a126332b67ec2cd465af47d258e4
7898295b7509dfd6b644a0bf950103ce369b29c0a9099beb632bef07a43dc5ba
79eaf2069134ef02fd763aeee0a0f32e759967ea8488865a2f5f1fc091ee5f66
7cd230b7a1b9b86e3826d44a6e316fd26b23cbed599e62cdda65e2f5cd72f232
80c1ce5b1177e73d63d30f060dc86d7cac8a54bfef454a98171c0af7cdf3110f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8348bc383f76df8e013617616d30b3b91cfcffa31dd873e68376da05be224cf6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f84cc454a8d5078c82e35f92d342b2d43e10775343497ebb78f8b8f04d0f55
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
876c91e74c3eac27c04acc87fd50537fc838058deaf185108be1029aed5032b0
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8a48cca813010dda4f8fafd0e5ffa7cb2fec1d5d735ef66717922e4f7d7df605
8b8df1db2c2ab94bad7c1fed3f980177a8c4f21ebad0797a92ab326f63b35b0e
8bb4c8860ab56676b57945f9e1a7ef42ff1bdc10089fb075e065eef5d7aded0b
8f28f182aa5467db034384a4a4dfe77b3c27ce8ccc58ba8ebc46368008036405
932d46a9ea4136b8350e9fa843415194b9bd0a5fbe7b20ba09cf3a4f28f21a00
944b1c9355595d2ed225c0acc74fee48395ab78fca04def0cf7f9f263da4ea52
94da55c3dbbd25ab0a7b3c3950906850e727d1fdccf3bb025add820e9f6bf6a9
95a11efa0a98750a675291aa9a54a4e9b5894ddb3a0730ce3de3c82677351502
98c456457661ee8e2479152f8c7acf080fde509eda95e83b74da3da6d888ba32
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99ea25cee1fcf0fb26860b30e5e2b5000ada288de4373c8e388cdf9caa6b7954
9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23efc496bb4fd4aae84a4610931b5e5cd437f0d4d7b92690475d2049e382f4c
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92c4d5381633b246afd400ae2b7a1420bfd0a18e87b5180a842d1acfb9c3bb6
aab8d7e38ce5410a2103ab4e350af7bc6a7c474dd68a7d05918971413012f7e8
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14
ae162f791736cd6da1ce81ce91920857cc78d6f71c3bdb8f611bd2f4b6f2ed71
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5
b1a13357c2cb3a7a32fb8a2c4aacb57c85d069e203be86733e69d7d25bb2a566
b22bd54857a3d6aa38cfe591afcc88bb0971ce32cf1cba07114f95f9863b859a
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b5e8062496fd97c16757e9991fb13eab674a938d9893a24a6e5689aa161f1441
b71334c71f1d9e4e40ddf7f8358bad2650c45299d65cfea4bdf3d4f1aca44058
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
bd30b0159d8a9fc93d22290e2c5af1e1377225f5db282af519998a27441b82b5
c01151bcc4fe77a35f830b3bc2a7f492dc251d7c54f6559c4525c9a1a0c4f3be
c318d93d737f8f203c77e4f88219bc467a491973ca04356f8695e1021821f94e
c41807961edb76093c4351e825294ff8bd41ef5d8d17111c53302822e8783500
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c7e88254d5205e19c94d41585239fafd00d9f86d09f255dbfb25b89c143c7360
c8da7ab2f5c53ea3b649c1231deac06860e0b2b19a32248569c1b09887638adc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd981795039aba2d509543f820a380b8a84dfe49554d5f46f30d57fb9d648b26
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf52eae40a54ee9fec68754411996493c8695885297e6de3fd825b3c19673e8a
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
d51cc38856a678fef23416347d1707b179d021fd20e1eab72bd6fa1fc76ff255
d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b
d99a78830202888468498a2080aa1200187b1252ea80d1432a5a11c75e0cc578
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df556ebd91e502ba0d643b80e8981d5187e57d098cecfff84590da2ffafa8467
e167eb39c39e39a48d54d99f4d2db46c28eb3fc2b8ffc243bcbb376a89d7b097
e1725ebaf6070b66081e4f2e7a8646229c5661322f98c62bead698469ab9e256
e17a1eb9289eed4c3b6a76f8f153f299dd28f8d49811512f852cb1aa608a7eb4
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3a2966cd50b750a69c5bd325b9ee0ba175f1740ac51158f6e3df8a1d3e0b0cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7c86b738c6edc4a9f8943c284f26256bca227ec91a4ef9c5bd4dee083b9aebb
e81d0e8e4cb75821c21247c7c1e2dccc7c2e6774b3256aa7b060ab5206fb5e17
eac207de8dc809e58959d8a3d0663793312f6041f8c258e793bac26b271f0128
eb92e8f08fcd5ebc0e41addc6a51fc2cded8c10c3cc6867d61ec2239b111cfc8
edb34bdc6db07472e47875d30aa8503e7d6d3b0614504342d885214ed15ae333
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef87f9394bb13a7369a0b1c04542b3bfe33257f9a6d4c5ee1e926abb06cf3d3d
ef896a57ca89ed39ab355b2218bf2c712e3dc17cc93255c2ffe8279c3e53d5dc
efca94093dba0530aadddbdfeb7eefa4ff18a6818e03e4301a487406de208468
f0e99a651847e624316433c10dc7ee6c3c0a3b1c39ad14692041d23fc20a40c2
f1a589bc1c5aac2ee11ccad1842fb1ecd860b283728ad5e631e34dcca9d93fab
f1c0d0ace1b408eff419bb5a98fc61e50ca677717bf282a127c546126b444c0e
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16
f667a56aa19f9e065747dca8f5e2038f67cc162fdbb2de314fbd369839feb968
f72e13737ac62698c86fdda96f4bfae9d8e41f042c961a19f5bb1e544a2521cd
f748a1169479314e3c17c735784d917815fdc45ebc746d0f9562a08f2e7a4063
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8
f95cad9c732437dd7e79a38514b09c173e7c1054de1fecde973ecc417f88f0e8
faa53f01ec65345a5d6d5c58339f836a9b790ef60cf3d2baca51745400eea9f7
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
ffd7c90c48c294f1d1680cb2997a3201eec1f6b2df7c732e5c7c498ac554d8aa