urlscan.io logo urlscan.io
SecurityTrails logo

marsemfim.com.br Open in urlscan Pro
172.67.128.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://marsemfim.com.br/
Effective URL: https://marsemfim.com.br/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 5 countries across 46 domains to perform 197 HTTP transactions. The main IP is 172.67.128.94, located in United States and belongs to CLOUDFLARENET, US. The main domain is marsemfim.com.br.
TLS certificate: Issued by GTS CA 1P5 on September 7th 2023. Valid for: 3 months.
This is the only time marsemfim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 172.67.128.94 13335 (CLOUDFLAR...)
4 172.217.18.8 15169 (GOOGLE)
5 104.18.214.59 13335 (CLOUDFLAR...)
1 216.58.212.138 15169 (GOOGLE)
3 142.250.185.206 15169 (GOOGLE)
13 142.250.186.163 15169 (GOOGLE)
1 95.101.111.163 20940 (AKAMAI-ASN1)
2 157.240.0.6 32934 (FACEBOOK)
8 142.250.186.174 15169 (GOOGLE)
3 104.22.70.197 13335 (CLOUDFLAR...)
3 216.239.38.181 15169 (GOOGLE)
2 142.250.13.157 15169 (GOOGLE)
2 142.250.186.100 15169 (GOOGLE)
1 2 157.240.0.35 32934 (FACEBOOK)
1 104.18.215.59 13335 (CLOUDFLAR...)
7 142.250.185.162 15169 (GOOGLE)
3 172.64.145.156 13335 (CLOUDFLAR...)
3 64.227.27.145 14061 (DIGITALOC...)
8 172.217.16.195 15169 (GOOGLE)
6 142.250.185.98 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
6 142.250.186.46 15169 (GOOGLE)
2 213.227.153.225 60781 (LEASEWEB-...)
2 184.30.17.67 16625 (AKAMAI-AS)
5 172.217.18.1 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 146.75.118.132 54113 (FASTLY)
1 151.101.130.137 54113 (FASTLY)
1 69.16.175.10 20446 (STACKPATH...)
2 162.247.243.29 54113 (FASTLY)
7 23.53.234.15 16625 (AKAMAI-AS)
4 34.236.131.197 14618 (AMAZON-AES)
1 13.224.194.64 16509 (AMAZON-02)
1 3.215.243.137 14618 (AMAZON-AES)
3 23.32.184.192 16625 (AKAMAI-AS)
1 216.52.2.91 30282 (AS-INAPCD...)
1 1 46.228.174.117 56396 (AMOBEE)
3 96.46.186.182 7979 (SERVERS-COM)
2 34.98.64.218 396982 (GOOGLE-CL...)
3 51.38.120.206 16276 (OVH)
6 9 184.86.251.89 20940 (AKAMAI-ASN1)
1 1 145.40.97.66 54825 (PACKET)
1 3.71.149.231 16509 (AMAZON-02)
2 2 104.122.39.115 16625 (AKAMAI-AS)
6 184.30.22.30 16625 (AKAMAI-AS)
2 3.123.45.150 16509 (AMAZON-02)
1 18.156.30.67 16509 (AMAZON-02)
4 37.252.172.123 29990 (ASN-APPNEX)
1 69.173.144.137 26667 (RUBICONPR...)
1 172.240.219.212 7979 (SERVERS-COM)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 69.173.144.165 26667 (RUBICONPR...)
2 162.19.138.118 ()
1 104.22.5.69 ()
1 34.120.133.55 ()
2 95.101.148.20 ()
1 184.30.16.183 ()
1 172.240.155.116 ()
2 3.124.81.102 ()
1 1 3.69.181.164 ()
2 2 142.250.184.226 ()
2 2 52.49.222.43 ()
1 1 54.228.148.187 ()
1 3.33.220.150 ()
1 141.95.98.64 ()
1 178.250.1.11 ()
1 23.212.88.20 ()
1 2.18.160.23 ()
1 178.250.1.9 ()
2 2 3.122.23.32 ()
197 64
35    172.67.128.94 (United States)

ASN13335 (CLOUDFLARENET, US)
marsemfim.com.br
4    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net
www.googletagmanager.com
5    104.18.214.59 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net
fonts.googleapis.com
3    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
13    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    95.101.111.163 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-163.deploy.static.akamaitechnologies.com
statics.estadao.com.br
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
8    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
news.google.com
3    104.22.70.197 (None, )

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    142.250.13.157 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net
stats.g.doubleclick.net
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    104.18.215.59 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
7    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
3    172.64.145.156 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
3    64.227.27.145 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
adserver.latinon.com
8    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
www.gstatic.com
6    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
6    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
play.google.com
2    213.227.153.225 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
2    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
5    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googletagservices.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
tg1.aniview.com
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
7    23.53.234.15 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-234-15.deploy.static.akamaitechnologies.com
player.aniview.com
4    34.236.131.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-131-197.compute-1.amazonaws.com
track1.aniview.com
1    13.224.194.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-64.fra2.r.cloudfront.net
dkae4asr0dphj.cloudfront.net
1    3.215.243.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-243-137.compute-1.amazonaws.com
go1.aniview.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    216.52.2.91 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
3    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
9    184.86.251.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-89.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    104.122.39.115 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-39-115.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    3.123.45.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    18.156.30.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-30-67.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
4    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    172.240.219.212 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    162.19.138.118 (None, )

ASN- ()
id5-sync.com
1    104.22.5.69 (None, )

ASN- ()
id.hadron.ad.gt
1    34.120.133.55 (None, )

ASN- ()
api.rlcdn.com
2    95.101.148.20 (None, )

ASN- ()
contextual.media.net
1    184.30.16.183 (None, )

ASN- ()
acdn.adnxs.com
1    172.240.155.116 (None, )

ASN- ()
sync.colossusssp.com
2    3.124.81.102 (None, )

ASN- ()
x.bidswitch.net
1    3.69.181.164 (None, )

ASN- ()
1f2e7.v.fwmrm.net
2    142.250.184.226 (None, )

ASN- ()
cm.g.doubleclick.net
2    52.49.222.43 (None, )

ASN- ()
match.prod.bidr.io
1    54.228.148.187 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    141.95.98.64 (None, )

ASN- ()
lb.eu-1-id5-sync.com
1    178.250.1.11 (None, )

ASN- ()
gum.criteo.com
1    23.212.88.20 (None, )

ASN- ()
c21lg-d.media.net
1    2.18.160.23 (None, )

ASN- ()
cs.media.net
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    3.122.23.32 (None, )

ASN- ()
rtb.mfadsrvr.com
Apex Domain
Subdomains		 Transfer
35 marsemfim.com.br
marsemfim.com.br
5 MB
21 gstatic.com
fonts.gstatic.com
www.gstatic.com
454 KB
19 google.com
news.google.com — Cisco Umbrella Rank: 6566
analytics.google.com — Cisco Umbrella Rank: 178
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 37
94 KB
16 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 13456
player.aniview.com — Cisco Umbrella Rank: 2378
track1.aniview.com — Cisco Umbrella Rank: 2622
go1.aniview.com — Cisco Umbrella Rank: 6508
sync.aniview.com — Cisco Umbrella Rank: 2431
313 KB
13 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5073
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
token.rubiconproject.com — Cisco Umbrella Rank: 504
37 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
233 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net
24 KB
9 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
6 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
img.onesignal.com — Cisco Umbrella Rank: 7889
103 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net
c21lg-d.media.net
cs.media.net
14 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com
20 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1206
x.bidswitch.net
1020 B
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
79 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
286 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
363 B
3 latinon.com
adserver.latinon.com — Cisco Umbrella Rank: 190439
7 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 27330
ui.cleverwebserver.com — Cisco Umbrella Rank: 28409
call.cleverwebserver.com — Cisco Umbrella Rank: 29579
47 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4217
28 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 criteo.com
gum.criteo.com
dis.criteo.com
663 B
2 bidr.io
match.prod.bidr.io
1 KB
2 id5-sync.com
id5-sync.com
975 B
2 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1414
sync.colossusssp.com
247 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com
624 B
2 openx.net
u.openx.net — Cisco Umbrella Rank: 739
us-u.openx.net
432 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 248
751 B
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2100
13 KB
2 zemanta.com
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 26761
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20426
151 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
430 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
276 B
1 adsrvr.org
match.adsrvr.org
149 B
1 fwmrm.net
1f2e7.v.fwmrm.net
595 B
1 rlcdn.com
api.rlcdn.com
360 B
1 ad.gt
id.hadron.ad.gt
312 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
213 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
243 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 cloudfront.net
dkae4asr0dphj.cloudfront.net
35 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 456
28 KB
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2761
9 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
59 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
607 B
1 estadao.com.br
statics.estadao.com.br — Cisco Umbrella Rank: 500146
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
197 46
Domain Requested by
35 marsemfim.com.br 1 redirects marsemfim.com.br
13 fonts.gstatic.com marsemfim.com.br
fonts.googleapis.com
9 ads.stickyadstv.com 6 redirects player.aniview.com
8 www.gstatic.com news.google.com
www.gstatic.com
8 news.google.com marsemfim.com.br
news.google.com
www.gstatic.com
7 player.aniview.com marsemfim.com.br
player.aniview.com
7 pagead2.googlesyndication.com marsemfim.com.br
tpc.googlesyndication.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
contextual.media.net
6 play.google.com www.gstatic.com
6 googleads.g.doubleclick.net marsemfim.com.br
5 tpc.googlesyndication.com googleads.g.doubleclick.net
marsemfim.com.br
4 ib.adnxs.com player.aniview.com
acdn.adnxs.com
4 track1.aniview.com
4 www.googletagmanager.com marsemfim.com.br
3 token.rubiconproject.com eus.rubiconproject.com
3 onetag-sys.com player.aniview.com
3 sync.aniview.com player.aniview.com
3 ads.pubmatic.com player.aniview.com
contextual.media.net
3 adserver.latinon.com marsemfim.com.br
3 analytics.google.com www.googletagmanager.com
3 onesignal.com marsemfim.com.br
3 static.addtoany.com marsemfim.com.br
3 www.google-analytics.com marsemfim.com.br
2 rtb.mfadsrvr.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 x.bidswitch.net contextual.media.net
2 contextual.media.net player.aniview.com
contextual.media.net
2 id5-sync.com player.aniview.com
2 grid.bidswitch.net player.aniview.com
2 secure-assets.rubiconproject.com 2 redirects
2 bam.nr-data.net marsemfim.com.br
2 widgets.outbrain.com googleads.g.doubleclick.net
2 www.facebook.com 1 redirects marsemfim.com.br
2 www.google.com marsemfim.com.br
2 stats.g.doubleclick.net www.googletagmanager.com
marsemfim.com.br
2 connect.facebook.net marsemfim.com.br
2 cdn.onesignal.com marsemfim.com.br
1 dis.criteo.com contextual.media.net
1 cs.media.net contextual.media.net
1 us-u.openx.net contextual.media.net
1 c21lg-d.media.net contextual.media.net
1 gum.criteo.com contextual.media.net
1 lb.eu-1-id5-sync.com player.aniview.com
1 match.adsrvr.org
1 pr-bh.ybp.yahoo.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 sync.colossusssp.com player.aniview.com
1 acdn.adnxs.com player.aniview.com
1 api.rlcdn.com player.aniview.com
1 id.hadron.ad.gt player.aniview.com
1 image6.pubmatic.com ads.pubmatic.com
1 prebid.media.net player.aniview.com
1 colossusssp.com player.aniview.com
1 prebid-server.rubiconproject.com player.aniview.com
1 optimized-by.rubiconproject.com player.aniview.com
1 ups.analytics.yahoo.com player.aniview.com
1 prebid.a-mo.net 1 redirects
1 u.openx.net player.aniview.com
1 sync.1rx.io 1 redirects
1 ap.lijit.com player.aniview.com
1 go1.aniview.com marsemfim.com.br
1 dkae4asr0dphj.cloudfront.net
1 tg1.aniview.com marsemfim.com.br
1 js-agent.newrelic.com marsemfim.com.br
1 zem.outbrainimg.com googleads.g.doubleclick.net
1 b1t-eudc1.zemanta.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 b1-eudc1.zemanta.com marsemfim.com.br
1 call.cleverwebserver.com marsemfim.com.br
1 ui.cleverwebserver.com marsemfim.com.br
1 partner.googleadservices.com marsemfim.com.br
1 img.onesignal.com marsemfim.com.br
1 scripts.cleverwebserver.com marsemfim.com.br
1 statics.estadao.com.br marsemfim.com.br
1 fonts.googleapis.com marsemfim.com.br
197 76
Subject Issuer Validity Valid
marsemfim.com.br
GTS CA 1P5		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
estado.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-04 -
2024-09-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
adserver.latinon.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.outbrainimg.com
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://marsemfim.com.br/
Frame ID: 7AD710EF8CE633C8DE20B6C297599B53
Requests: 136 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 48FCDDD1DFE524041A0674B6F6ED9010
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1697505090548&sut=Ab9pFDZWT9P1uANvlU9kvXbupSYY0MMMnJRSYW3WoyHj067QK4ITNSI7ZzfM8b4cTWunkCx3G3XVfmPWbelukFrTGHy3KOVoXKeO0rY7BiYLQfOZxA%3D%3D&publicationId=CAow_ebKCw
Frame ID: 937589EE1A8FA9CECF818138F9FF3061
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 5320B557E29072DE680406BD351ABD0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=49809442&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505090995&bpp=11&bdt=2368&idt=127&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&correlator=1746554946651&frm=20&pv=2&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5HQXe8yEJW&p=https%3A//marsemfim.com.br&dtd=167
Frame ID: 754B85B8739C0E63B47546CCFD8F42F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Frame ID: 4D10EBFF5AAA4B3CB5C8EEEACF2338B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=280&slotname=9139786369&adk=650593086&adf=3833015032&pi=t.ma~as.9139786369&w=1100&fwrn=4&fwrnh=100&lmt=1697490058&rafmt=1&format=1100x280&url=https%3A%2F%2Fmarsemfim.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091009&bpp=4&bdt=2382&idt=193&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90%2C1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=RYS3pst56b&p=https%3A//marsemfim.com.br&dtd=199
Frame ID: 07865FDB8ADB2AB892F4C1DDDBBD96E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&adk=1812271804&adf=1573534164&lmt=1697490058&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fmarsemfim.com.br%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091042&bpp=3&bdt=2416&idt=242&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90%2C1100x90%2C1100x280&nras=1&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=273
Frame ID: 9D1693D13BF1AE360A93040BF2F1AEF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C0Ou9Q98tZdLSGPac9u8PqpquwAjXrJyCbsrq_Lz9EMCNtwEQASAAYMkGggEXY2EtcHViLTMxNjIyNjM4NzM2NTAwNTXIAQmoAwHIAwKqBPcBT9B_bzM7AGTcyJcsjBcoXdbVebGlmMZrl9SUbPOw3IUjz61FQ5zEVZbT_6cy7pOphiber3HyRayvKkcDMfMrsTGPd42cwCfSwCuTQ14c8WuGNxfXPL1srYrwe3R7lpB4avcOeSxvAjaH0f00l_0oicOZpHIvFWfLSH4VmAynDv9bP_fV0LHJEwzd1C9wlo4_yXaiAledbk6m2ALFK1Xlv47bRDGSrC8IcA7TOVxKUhU2JhHPq-LzBLv9otLHazIGzTYLGToizDuc-DVa2VxaKWMMZQLvXjAzCFSTSUCo06HbQXkozTEJpvJ8Gx7cwBg1UeABLERBeoAGxJChpfKYiaFFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTYyMjYzODczNjUwMDU1GAA&sigh=4XjvCMT_qVU&uach_m=[UACH]&cid=CAQSSwDICaaNRD7QJNMEYQfc4TUDU25JJi91pCLrBAzc9rS2_608D0XaPo13YSDEPcodVv_cNDsIsj-dGRArYcBv_2dqDhM_R5hg9HJvjBgB
Frame ID: F0ACA4A9408EFF99A2538B45A5E2F603
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3ECC34A5BD0213E1FF9666D4E4F5E2BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55640FDC0278416E858A42AC153C306B
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Frame ID: 7FE9AA0D096C97A37798C9636127DA50
Requests: 23 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D18%26key%3D%24UID
Frame ID: BC25E13164275668CDB039446C0085EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=200&key=OPTOUT
Frame ID: B314103C1BF33220252108F703BFA1E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D1%26key%3D
Frame ID: 71B9B36253CA6B0490B96D74C6A29108
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D23%26key%3D
Frame ID: 61A2299302AEB2E47E599340C8359230
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 67033F41CD2181D328BB7BE8D6A4DB1D
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=36b859d438f59e4bd6fdfb87dc88277&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 9CAA3749BCC43DD061ED8DDF275A0157
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: D7460FDEB64F4A9E7DE70CA8CE9BCE76
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Frame ID: 9C580B859DF102A2D733D24319640ADC
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Frame ID: 3B54D07E31EC91D302871155A9D9A2CF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: BD2EC9B8CBDC8C2F6171E783872F0F58
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C169B79EF1321653154D9E1E5786DE74
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8E0C1ACDC47438EF1005DF109B870A57
Requests: 3 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: D3CD9D715B2022C2A382C1DFEC955A1F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 75E3D192220877AF76932B188FAC8D28
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697505094590
Frame ID: D4ED32F8A7A3FB688F5F271C34C77F5D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 8BB88BD1ED19841AF3C4C0B14BBA87E1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3405066968755238000V10%26type%3Dpba%26refUrl%3D%26vid%3D75050961613405066968755238000V10%26ovsid%3DPM_UID
Frame ID: 8D2D7EEEB5F7D0E74BE65F0FD8F20B32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mar Sem Fim - Especialidade no mar e na zona costeira brasileira

Page URL History Show full URLs

  1. http://marsemfim.com.br/ HTTP 301
    https://marsemfim.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

197
Requests

98 %
HTTPS

0 %
IPv6

46
Domains

76
Subdomains

64
IPs

5
Countries

6776 kB
Transfer

11348 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marsemfim.com.br/ HTTP 301
    https://marsemfim.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://www.facebook.com/tr/?id=878623792166593&ev=PageView&dl=https%3A%2F%2Fmarsemfim.com.br%2F&rl=&if=false&ts=1697505090375&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697505090374.1506107887&ler=empty&it=1697505090252&coo=false&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ec=0&ev=PageView&fbp=fb.2.1697505090374.1506107887&id=878623792166593&if=false&it=1697505090252&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697505090375&v=2.9.134
Request Chain 169
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=200&key=OPTOUT
Request Chain 173
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=36b859d438f59e4bd6fdfb87dc88277&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 175
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Request Chain 177
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 210
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a38827addb45194f918290a774a071&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7291292471483411530&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTM4ODI3YWRkYjQ1MTk0ZjkxODI5MGE3NzRhMDcx&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELvX9oZd53wOBkXh6rCLArs&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGV6k7KW78AABmHVt6Exg&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a38827addb45194f918290a774a071?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Y7ALHzhE2oMveP9qDGHAJyEvMsYtpP66p5AIjmin~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 217
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQwNTA2Njk2ODc1NTIzODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEZzOWXdfRDRFHyxJvCGVjI&google_cver=1
Request Chain 224
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3405066968755238000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3405066968755238000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=10d13bf8-af35-417f-b2d7-fec3055a48d8&cs=1

197 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
marsemfim.com.br/
Redirect Chain
  • http://marsemfim.com.br/
  • https://marsemfim.com.br/
267 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc86f571eb48f23eef13e3f877b4702a8604c3e01ff5958bcdc640aeb8d3445

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=31536000, max-age=60
cf-cache-status
HIT
cf-ray
8174aaf2cf244145-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 01:11:28 GMT
last-modified
Mon, 16 Oct 2023 23:00:58 GMT
link
<https://marsemfim.com.br/wp-json/>; rel="https://api.w.org/" <https://marsemfim.com.br/wp-json/wp/v2/pages/70370>; rel="alternate"; type="application/json" <https://marsemfim.com.br/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJdAhxgf1YjQWLpkY%2BUaUNI%2FH6aNJMGf2ieg1B%2BGTHmVFkkwby7G%2BIFtGzful8SNsgfde5stwOoh1vHrVRtaeQss0zK7BRzn6BFRT2eSPRL%2F9mbkkNGIB14QG3nBmQoBYKtS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=1814400
x-litespeed-tag
d66_HTTP.200,d66_front,d66_URL.6666cd76f96956469e7be39d750cc7d9,d66_F,d66_Po.70370,d66_PGS,d66_,d66_UCSS.c925ba8659ddab3722d1db9881565902,d66_MIN.a92d230ca1c68ec744f3f4c941201ba2.css,d66_MIN.3cd9f28d330b4729ffb8e390edd75258.js
x-turbo-charged-by
LiteSpeed
x-wp-cf-super-cache
cache
x-wp-cf-super-cache-active
1
x-wp-cf-super-cache-cache-control
s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass
swfpc-feature-not-enabled

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8174aaeeba44035a-CDG
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 01:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okzywJdZaNpXQ16X30b8ROv0ns6tzdIEtVUj4K53yXBXUIcpqiL9qVbCoRiVEIpAa3id5%2BVc%2Bf6yKdZFKu0dOnJ%2BJB%2FXkwrgJ2xw4euxRLhNGy0mp85fpk2nKvDjw3sKeXZ3"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
https://marsemfim.com.br/
x-redirect-by
iThemes Security
x-turbo-charged-by
LiteSpeed
webfontloader.min.js
marsemfim.com.br/wp-content/plugins/litespeed-cache/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2480
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Sep 2023 10:59:36 GMT
server
cloudflare
etag
W/"2f42-65058a98-3001ba;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4Vd2FUEiaj3yo%2BKccm1K%2F1aFcvC4YBCxnk55iUa4D2LvN3RnOYuw2etShcfFgnn4oZCQyy4w6z%2F%2B44j%2B3rNvw%2FSQAnrh27pazS7uCB%2BUTx%2BBEmbw2jtHJDo4zqr%2FsDW7xSM"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf40ff34145-LHR
expires
Sat, 13 Apr 2024 23:00:23 GMT
a92d230ca1c68ec744f3f4c941201ba2.css
marsemfim.com.br/wp-content/litespeed/css/ 		557 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df2129fce343469a4af2e08a9b4d20f04f777afdaf864a281704354cbd1880e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=572244
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 22:24:38 GMT
server
cloudflare
etag
W/"8bb54-652db826-66917b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQcDpeH85AtJYSktCnuS5IQRTygjChpOgM9PB6eqih1uXpi5ktcCyaFwjhiFpHTr69xy9t6nLatKfn57AeJjhgDN7mcq1JFIFntbkeMIrDC7Hcuz%2Ff27dMkDRfIXLZ%2BiiKKB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf40ff54145-LHR
expires
Sat, 13 Apr 2024 23:03:55 GMT
js
www.googletagmanager.com/gtag/ 		130 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37604055-1
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
58ebdaf8bd96385ec4fe1f2e349367a3a205f2a5b733b1e89262907b465e6392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:29 GMT
jquery.min.js
marsemfim.com.br/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-includes/js/jquery/jquery.min.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Sep 2023 10:39:11 GMT
server
cloudflare
etag
W/"155ba-650585cf-2b56c6;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4t1H9TAJDwbu0n%2FakqnnCaLk3APE05VIiMw5LM%2F%2BKOhDCx8TguBFCCx1NBb%2Fe3hTo7UWvieVHroKsma79fW9CMjIhiNtt0lTd2eH55YddFcY82Gll8FSYfU0V0MQhFUrmJK"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf40ff64145-LHR
expires
Sat, 13 Apr 2024 23:00:23 GMT
wpion.woff
marsemfim.com.br/wp-content/themes/ionmag/images/icons/ 		18 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/themes/ionmag/images/icons/wpion.woff?2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77db55a948b5b61aca1f9b49e4968416973e4042e938ef6e11151cd4ad547063

Request headers

Referer
https://marsemfim.com.br/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2018 02:38:25 GMT
server
cloudflare
etag
W/"49dc-5a615a21-2b5b22;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdqmZtMk%2FM42Zv5UDi8cLC9%2BQSKGR77mtuG170IRrTkw5%2BNS%2FFlwbLvOjTfdIAgvIqXal1bQs1XPXRTZ7OnvoBEOvJ%2BhO564UyFuW3ffFxB7WnY6TqRcclHgwHSLzXM%2FMUJq"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf40ff74145-LHR
expires
Sat, 13 Apr 2024 23:00:23 GMT
marsemfim-logo-adjusted.png
marsemfim.com.br/wp-content/uploads/2023/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/04/marsemfim-logo-adjusted.png
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba3d5ac6ae0edfcbee550a3c0be2a1847e9255217659554790433d4ac4d5e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6028
last-modified
Tue, 04 Apr 2023 10:36:02 GMT
server
cloudflare
etag
"178c-642bfd92-2fc9f7;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz3cU5ZAJ17CifaPc74JPjAu%2FW3CfWrRNvBsXZuqAujwNJ1DjHsm7ic5KUM4qqZ2T2kdQPb2v0XYSArZxjyE%2B2CCbj0ed3C6QwVIxY2z7kE04IQw0e7o1n8SndoyzpnIKmPx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf40ff84145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
zigzag-1.png
marsemfim.com.br/wp-content/uploads/slider2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/slider2/zigzag-1.png
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77001d7b5ef434693823d204124f7ad32c152e491618da32a908a01c5c75d137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1163
last-modified
Thu, 21 Nov 2019 03:11:36 GMT
server
cloudflare
etag
"48b-5dd60068-473160;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZi0uKnezeV0TvVU2WbBPTinY6o69kfTT%2FTOoW3sY6QfMxMYr25nwnl51H2Bx%2Byph39nrTIf1RaU%2Bm2lYX5PBtTAxMr5Ivxye2hD4j1cIaPaqqXzKBoE0yH%2BpYM%2BzlaeVRXT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7299b4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=e11f669e2a7a31324bf0b1a3c0305987
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8174aaf9690d03fd-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 01:11:29 GMT
MarSemFim-logo-barco-100x100.png
marsemfim.com.br/wp-content/uploads/2019/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2019/11/MarSemFim-logo-barco-100x100.png
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b73d4b3f65ddbefd889802ab787c8da68d88f8eaebf66cebf15f94657c7f17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4228
last-modified
Mon, 18 Oct 2021 10:00:11 GMT
server
cloudflare
etag
"1084-616d45ab-3f83b3;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5pCea8u13bFCswi6yKUN2lGz5ynLQsjGH2SAlly9Pj7p%2F9o8rb%2BjpZUKtlpFbiTDUDbioM%2BMSQKNwvOzAOr788G1xPamuFJ%2Bxnwqqyd40uckrsIduJi9aNpI2qESH%2B90%2FUM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf40ff94145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
email-decode.min.js
marsemfim.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Oct 2023 07:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6523afb0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHrvq293rd2p%2BpmnjaZkNo8EKVDn3LhJ1tdK7fdinKQkT6aDLCRJVYsHHflsNcwRZJ6NbKr1K76qxIn3vnQTfJl%2BeVEN%2F9ZpsqIx4R%2BR%2BGvEftWuBnMmX%2BSwKyCTUCG449hv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8174aaf4b8504145-LHR
expires
Thu, 19 Oct 2023 01:11:28 GMT
3cd9f28d330b4729ffb8e390edd75258.js
marsemfim.com.br/wp-content/litespeed/js/ 		499 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/litespeed/js/3cd9f28d330b4729ffb8e390edd75258.js?ver=20936
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785258bc44825158fc68a4231a5699e2af31dec04df63ae470ab88a95dd0b5f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=511691
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 22:24:38 GMT
server
cloudflare
etag
W/"7cecb-652db826-669285;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfeVOt3m5VhLtvgiw0Z%2BcxamR0ovNC3HZrEMnv8m%2BmcbKmbpK01Txx6U0LEXYzwh%2Fx7teX67KuKRxL0L0XAwPOoM5wVoJkQrRg0EHdDCuCeVPSBw1gjKjgi0%2BAR17W2Sz%2BMA"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf739a04145-LHR
expires
Sat, 13 Apr 2024 23:04:07 GMT
truncated
/ 		351 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ea5ae57fcaf52330c9dcb99b88d748bc9872420147baf03a6ecd25112ec65a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		133 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6888c9dfe6d24f38fd79723f81c0248eae46135dacc85df53e2762687d0463f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		28 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5621692c35b842f7e9452c32cd03f265ff5986bfd8cc703092a706e1665a0512

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		256 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WM6CZWF&l=dataLayerParceirosEstadao
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f49e73dccd269481ecf3b33b04e7f5e0767b2d59e581489b0aa19a1ba8255bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87323
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 01:11:29 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5SCV3
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8942f72ed4776fb8151af290059d2f828e4f70e4c9a73cbb96bbd67cc4c1be71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62528
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 01:11:29 GMT
truncated
/ 		187 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96824fd49019510925d53dfe028729514652acc1b2738a8992df481a078b42ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
950c188cdfb7a89829b3eb13b4487c39ffec62c9def11e46fc5e81074b80c6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
042cb3f8992be02a2654d8e605c8736f83a54a22e837355891ae4f188630e25f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		294 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec8b1b8fc1a6faef11240bf579a82269fad546aa98662ff239a6c19a4bdbdc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d47eb7855ab1ec2488e616614c88ebb25fb78678a4ded5456404c68ee77a217

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		45 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf562686da9f727152e16d29aef848a790f2fc64a76c8a9a818750b2b691a65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9629282170f890df83afeeab58201910d8ab4693654ba99b3fc95f2d9e8a7f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58a9f288fac2463d7f1dead1df14e316a865ec32bc23a52657e670e2f228c40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29af9754501905e928b4f480e003d1414026f6fbb88b10d126c89b01553adb19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fcacb6ea7c171d52fde83c99e81b210ce20ef14574dd345a7275fabfb6593db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f59abd7465722f4e3f8f012dc5817b7b634173a2d72be29d8b5da628b573ea3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cc0cba3fb21b5b98e5cd32c04c232b6281764b4afa41544e9057398287e6736

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
documentario-costa-brasileira.jpg
marsemfim.com.br/wp-content/uploads/2013/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2013/01/documentario-costa-brasileira.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a9865af6009c8983d4f7ad7faefa67993f91ae872b20dcada17b61c19beda4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
38603
last-modified
Fri, 22 Oct 2021 09:40:13 GMT
server
cloudflare
etag
"96cb-617286fd-5731f1;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BPFeXUAEfLi0jLQMidNW1oAtatJNstOht2NHz%2FZZXTztbNlxhSBK8igmmqv4TALH58JXZYIjKnC%2BgL14%2BzPvy3WZyZPW5dmzcFt5zAMvxzMG%2FKePH7lepYZ8im4y5VDCJpI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf759ad4145-LHR
expires
Sat, 13 Apr 2024 23:05:13 GMT
documentario-viagem-antartica.jpg
marsemfim.com.br/wp-content/uploads/2013/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2013/01/documentario-viagem-antartica.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907c21b6a860bba1f51b1a7895a50e8aee72c8ae2e5fa14be1b2ad738bcd2ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26397
last-modified
Fri, 22 Oct 2021 09:40:15 GMT
server
cloudflare
etag
"671d-617286ff-57320b;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geIzmIUJikU5CJbW0Qn9B7YxIYe5%2BCnaNGbweKOrluswZ%2Bc%2FpyGef1Dpz9J4dDkVuLuX41zjk%2FV%2Fvm7YYxziB%2FhllMnL6xeZBkOR3meZSSFCB2klQ9xyF5rfZSJN5%2BxXAj1s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf759ae4145-LHR
expires
Sat, 13 Apr 2024 23:05:13 GMT
documentario-unidades-conservacao.jpg
marsemfim.com.br/wp-content/uploads/2013/01/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2013/01/documentario-unidades-conservacao.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b5161f14d2187bf7d5d3adc60774105e9375e77001fcc81e6d284ed44d93ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
40982
last-modified
Fri, 22 Oct 2021 09:40:16 GMT
server
cloudflare
etag
"a016-61728700-573225;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGYSU%2Fkk5EAvGzFI0is0%2BD6La3o34GulasYQBN08J9S2MCYZMT7xBsgsSTVq1fJoMofsAVP8DS3ONMPOnmNfJOhUWAAaDe%2FVX2X%2FHWYhZaaq3dLw%2FWUKl9GwyIXCI3l0Tkvj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf759af4145-LHR
expires
Sat, 13 Apr 2024 23:05:13 GMT
terceira-temp.png
marsemfim.com.br/wp-content/uploads/2023/09/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/09/terceira-temp.png
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7da96b050b36f6e29ec3b7df6dc2e1b7ee1a44d357c84e7acfa7e9c931fa333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
192668
last-modified
Wed, 20 Sep 2023 14:19:13 GMT
server
cloudflare
etag
"2f09c-650aff61-302bc1;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FR3uB9lhbv4HdqZzwDjjqhGRF0B%2BQzNuSz7zKaSdG5J%2FLPg02i%2BiN2Gkq28SBBpVT%2B%2BV%2BxL%2F79WqCxIMUBOTPBa7MuMkTZ95%2BILebxcC5J7v%2B3bMYjjS80gR%2BtuogrAjhTk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf759b04145-LHR
expires
Sat, 13 Apr 2024 23:05:13 GMT
Tuvalu-Pacifico-copiar.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Tuvalu-Pacifico-copiar.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd1bb6662672d9ae911c76f04de264a549983480201e5ab11f6282a60a429e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
178194
last-modified
Mon, 16 Oct 2023 22:22:35 GMT
server
cloudflare
etag
"2b812-652db7ab-306050;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9co%2BSeCHPw6XpD946XrM9akMhOIGx7Ja1bJZLE6fq19qvvSOp4ORm7%2Ftxj9Z6Ul7swQJ9aA%2BBuIepJ4cZVtZ1BQigESSCGhf8QKM11dY4oI%2FQeRmOrenubKEfCl1kQderiJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca064145-LHR
expires
Sat, 13 Apr 2024 23:02:38 GMT
Port-Royal.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		284 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Port-Royal.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67f1c3997a49fabf9cc1b4fd0069a30c814ecee63a6a0b4545ad4b5345052cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
290893
last-modified
Thu, 12 Oct 2023 20:29:53 GMT
server
cloudflare
etag
"4704d-65285741-306000;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7879BHcc8jCgJWJmXQXBplzynaN2YCrU3jGXsT3QsNLwzFBkfQ8iPL2%2BI6ZCPWdIQQXP5ZSCtt4%2FTIN1KBc19sY38YVyMd%2FyLggVUIIrXN6%2Bzt%2FWeJsn9iJNKTle7w%2BHA9r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca0c4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
zelandia-o-oitavo-continente-copiar-300x220.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/zelandia-o-oitavo-continente-copiar-300x220.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7feda4440f974f77d94ba29bed6f82e3dfdbbbae1b3b473d95dc860788b9b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
19905
last-modified
Wed, 11 Oct 2023 22:32:21 GMT
server
cloudflare
etag
"4dc1-65272275-305f92;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BwaU86vu4wR2B%2B6WMxjOh2eWiT9e%2F3Hsvs4dni%2Bjxce9uT7b52cFeil7E6wHfpC5P%2BzL7Z2gpMxaceIYNnA5P2k444vko439FGEIw4nyOlKOwddB%2FF9R2H7qDuyUFq1tm77"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca0e4145-LHR
expires
Sat, 13 Apr 2024 23:22:37 GMT
Singapura-William-Cho-300x220.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Singapura-William-Cho-300x220.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc38df7ab0b6c4b69f93c31ffdf353ac5e82f32348bb7d04bb285eeddbba55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
27168
last-modified
Wed, 11 Oct 2023 21:11:47 GMT
server
cloudflare
etag
"6a20-65270f93-305f70;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TKrI8xudRGhSM3iaJlHLQNEo61WeHJ9Qljf9hC65PTc6eAa%2FhOvEqL0LdvhNM4o6HyPc25lEl8LlfjxDkde9%2F3sWLFHKKodqou6B13kGg4e4hwWX63O0YC8QSUz7X0gUJuZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca0f4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
baleia-franca-vista-a-partir-da-praia-copiar-300x220.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/baleia-franca-vista-a-partir-da-praia-copiar-300x220.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb94f220d766d53fafd840b88adac2820a64e4c5991751ff7339ed0c6dbc0fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14704
last-modified
Mon, 09 Oct 2023 21:50:13 GMT
server
cloudflare
etag
"3970-65247595-303dd6;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKaDL6Wqz46qy4aV2bJ8OUIF4ce2tE655ggzHjBeFIg%2B2u31M3zO8aCzolKtZfuoBkaKUn7oEEmv2qP9bcCo5836ZrHtmJ1ucHA2sAyYslGOZW0opbDEwDNUljkLzSvSIo%2FH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca104145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Colonia-do-Sacramento-1-260x195.jpg
marsemfim.com.br/wp-content/uploads/2022/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2022/11/Colonia-do-Sacramento-1-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17722f8f0529a89584ad34234594c7cd7584a07abd45f38a706eccae2fe9c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14057
last-modified
Wed, 09 Nov 2022 17:40:09 GMT
server
cloudflare
etag
"36e9-636be5f9-2fe797;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtvJigcr9caWYkBD2o%2BPNurbGLL4YXtitSCdpVTB3FCsuJE9MpnWKqLKMXjeE1RJ0CKjarmwLw36uihnQ73m0aNTFpe3%2FYoUipjiAGnClWCkjjpJSwW0t1P%2BpJVEEMrum8cS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca114145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Mazagao-porto-interno-260x195.jpg
marsemfim.com.br/wp-content/uploads/2022/11/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2022/11/Mazagao-porto-interno-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd883610608b1fdbe8e8ea6dc16fd5d05773c3570ae5ab86c8f0beb1ed2d272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9427
last-modified
Tue, 01 Nov 2022 14:40:22 GMT
server
cloudflare
etag
"24d3-63612fd6-2fdef4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvibX2lfE%2B1h7IHHL8twQ3qUnLZzl5vkvnEXAMrnYaJM2B%2BAcS5xP3BuVMq0rbKAeJ3J3OKf7I0aN2PVxiCHp%2BWYu9ORymo%2FV25JFBGvcn8UEfrBxaXVDM6o8S1JIR7QwFIU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca124145-LHR
expires
Sun, 14 Apr 2024 01:11:29 GMT
Antonio-Colucci-prefeito-de-Ilhabela-copiar-260x195.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Antonio-Colucci-prefeito-de-Ilhabela-copiar-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58286370a7eba4b7f9bdf21ab2ca0fe01e0cdf5d4753b9da362644d4883e4960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17048
last-modified
Sat, 07 Oct 2023 17:05:03 GMT
server
cloudflare
etag
"4298-65218fbf-303da7;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUZPrs8cgS1vwu7BTUytlDK1jmbeVtlxtBQcE1fhNT7kPOAvmp7E%2Fezg2FYUv3b81fUZ9nOYfYW4oxg5xzxaq2Mv5DiyhSasXK4NaXDngB%2BvS9MsrftqzDZds9zAXm2zlfQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca154145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
praia-do-viral-em-aracaju-em-2023-com-uma-ruptura-para-passagem-de-agua-1695995946460_v2_750x421.jpg-copiar-2-260x195.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/praia-do-viral-em-aracaju-em-2023-com-uma-ruptura-para-passagem-de-agua-1695995946460_v2_750x421.jpg-copiar-2-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c787b69eb9114af80f57ed99c77ce2ea7b4675a8a65a3470bdc193b7b6513f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8001
last-modified
Fri, 06 Oct 2023 20:05:42 GMT
server
cloudflare
etag
"1f41-65206896-303d79;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpJX7JR5tF2%2BMc5DRvgWYVNScreasBbU1FO2R6nXLiu6BXOFwOe0dnCiQFnqqdWs%2Bt3OvyF2Lb%2BZq7aE76cjEtnYXIamAc8eFJEvTe%2BYJOD50P9Yeh98TorvsLlZsnuSPHcO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca164145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Cicatriz-imensa-copiar-260x195.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Cicatriz-imensa-copiar-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ea87f77569f6466de8bf1ce7083267de7d09ad578284eb3f7ded0d8447fc1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14147
last-modified
Thu, 05 Oct 2023 20:59:29 GMT
server
cloudflare
etag
"3743-651f23b1-303d3f;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPHAK7jbwsFMNKBm6eG2MGBOFa3sTlpER6eViP2dVgxG4NsKN68nEYuTmtOwT3L%2BPeFWplwqudbeaOQnQfp%2BeTM65cEfvdMWAJYcxEkNiCl5QDwz%2FKo76j6RA9VbnUJK9MXf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca174145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Crime-ambiental-no-litoral-norte-paulista-260x195.jpg
marsemfim.com.br/wp-content/uploads/2023/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/10/Crime-ambiental-no-litoral-norte-paulista-260x195.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383ffc5de4f86af780fda9593c7729a5418defab76e749be89fc92d3e8aad2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13649
last-modified
Mon, 02 Oct 2023 20:32:34 GMT
server
cloudflare
etag
"3551-651b28e2-303cbc;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92yOmXqoIsKnsKjp0KY0VbtX1R0%2FY5dv%2FP%2BvTCLioD8Bbfm5Tcei8lNdYp7sijN40wO3J%2BkdLmqWkFzrnZFDrVcU%2FxQwSW7W2M9KJSxT6Fn1AyDs3wvpyv4H0ZIBjantY352"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca1b4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
A-orca-c%C3%B3pia-100x70.jpg
marsemfim.com.br/wp-content/uploads/2020/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2020/09/A-orca-c%C3%B3pia-100x70.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58836a14c7921e4c2d2813e716d6c1b2ade01a39ffccbdb47a68d4ff565ca2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2505
last-modified
Sat, 16 Oct 2021 12:00:14 GMT
server
cloudflare
etag
"9c9-616abece-4367eb;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYXnoxvCp%2BZWAgSNu2GUTyKcBd0bmr0do9yeOAj%2B5E7C6VquZ%2B8gJspya%2B66UsMIs6yuaWj8%2BFjDV%2FHX0BEriimNo42PiGucTzk3AcEhmSmJFjxnbCG5D%2FtfEfM%2BColMr4L8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca1c4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
amazonia-c%C3%B3pia-3-100x70.jpg
marsemfim.com.br/wp-content/uploads/2020/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2020/09/amazonia-c%C3%B3pia-3-100x70.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b613ff6730d44328892e546366587fee5c50cab1b9de4e9638f86dcb0ad35127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1868
last-modified
Sat, 16 Oct 2021 13:00:18 GMT
server
cloudflare
etag
"74c-616acce2-436be5;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rix%2BDDTjC0lPH4LpXOxtf880Dp0spubO35WZhqfe4plcwZpUVm5t88J7PLtTZz2MSsjpi3unM1zMIl%2FGPzklvdS90B3oYq1DbiedFZQinSpXT3E1AayWr%2FxQHEwGyDtwdCau"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca1e4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
dener-giovanini-c%C3%B3pia-1-100x70.jpg
marsemfim.com.br/wp-content/uploads/2020/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2020/09/dener-giovanini-c%C3%B3pia-1-100x70.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79cc13080973e3d26fd6af987bad4e93112844119776437b58339b80c5fac53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2279
last-modified
Sat, 16 Oct 2021 16:20:32 GMT
server
cloudflare
etag
"8e7-616afbd0-4374c4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qsCOhQ0NbwNz4lhOWpgNrWexQluZFdClRv%2BlauCl%2Fn6PcGJQkrrMU6vc4xWFjmuM72NU3VSaWgl6nqm9T1Tk2X68wnU6Gjwwye9mV5ebwS3PUzkCPBpG7uWW7e2uKywGnT4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca1f4145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Eixo-da-Terra-deslocado-copiar-300x220.jpg
marsemfim.com.br/wp-content/uploads/2023/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/07/Eixo-da-Terra-deslocado-copiar-300x220.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa2193c1ef0932132b736b0f9478dafcf9304f63fa0bd6106bd57013d3a478a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17149
last-modified
Tue, 04 Jul 2023 18:12:07 GMT
server
cloudflare
etag
"42fd-64a460f7-304c46;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmrKViOVS%2FLCzWLMD2D0N%2B%2F9c%2Be8MdY5jEROHzLh9Ri6oEBJzeGxRQgWGp9Pv4vCaYHQR0qoxGGYJhEZczfFFE%2BHbk3xUun3Fxt96V2AJTBULWYiLBsSgFcVYxE%2BPMRxqmDK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca214145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
Jangada-copiar-300x220.jpg
marsemfim.com.br/wp-content/uploads/2023/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marsemfim.com.br/wp-content/uploads/2023/06/Jangada-copiar-300x220.jpg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735c1d40c4ea92154a047f710a151e7e814814072c4b17ab4ee8dfb8aa5715b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
22374
last-modified
Mon, 26 Jun 2023 19:12:03 GMT
server
cloudflare
etag
"5766-6499e303-304838;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBVBkYEvFslfA7YtA%2Fu74K7XEdI%2B%2FMpyzWMddSM361RI3yNaeqD2t%2FxemHRGELlFJUebtlmL%2FXonCLxRCOD9bouG47PmppG75%2BzDmKCKK2D6iDPgahKe1Z4%2BoiaNtpiVWBXW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174aaf7ca234145-LHR
expires
Sat, 13 Apr 2024 23:05:12 GMT
truncated
/ 		112 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8c447f85fe213498060d0cce8ed61bf5af2f371c056434d13e39fc126de940d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		765 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbc2adaf689e264e05d33c0e4606fb607a28432c04331c33c3fb87c00b8fd55e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		138 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b503aad545c10a6bda30eb3fee3b081777ca6bf3ce0c501d75ca844f72cbc37d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		391 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fdc0177eed51eb10b828c2d022c0d431cf1ea30d59568a2d2a0a9423c19ddda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		469 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319c6305d4d30901d71afb07121e3d0508395676d19e467aa07b8d7847f01e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		901 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f79f37d4e8b859666befd78e5632083f4082be479791f697c1bcb743930daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		877 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54b8fb82a84ba43f8fdac7cefaf50ad70220ab75b6c422b7bfe38d4248af332e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
text/javascript
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
4dd3f4aec161b9a8e98bc3b6ef5494dcb290b72271ddc0a59f27a605e2ee627d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 01:11:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 01:11:29 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1D7ZB23JEM&l=dataLayer&cx=c
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
682a23c252a8f44406c8e1a862528899c72cd527bca828ffe7c6de1aed6cf3fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91560
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 23:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4796
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 01:51:33 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2392
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8174aaf9b98403fd-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 01:11:29 GMT
1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v11/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v11/1YwB1sO8YE1Lyjf12WNiUA.woff2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:05:23 GMT
x-content-type-options
nosniff
age
306366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26144
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:40:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 12:05:23 GMT
wpion.woff
marsemfim.com.br/wp-content/themes/ionmag/images/icons/ 		18 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/themes/ionmag/images/icons/wpion.woff?2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77db55a948b5b61aca1f9b49e4968416973e4042e938ef6e11151cd4ad547063

Request headers

Referer
https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2018 02:38:25 GMT
server
cloudflare
etag
W/"49dc-5a615a21-2b5b22;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imZJniKKjbRMR7ORqQ8Y7vwzpl8rZpLzSAoC1mrwgHlt7BTo7dQlflasgFO0QV%2B%2BXuGAjDKNyoLdTWTBsY5uLQ%2FCwh%2BGgOnTTF9JTzpH0OWBRQzJwyJW5PjUufmMoo5iwbms"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
cf-ray
8174aaf9eb5a4145-LHR
expires
Sat, 13 Apr 2024 23:00:23 GMT
logo-estadao-azul-120x26.png
statics.estadao.com.br/s2016/portal/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.estadao.com.br/s2016/portal/logos/logo-estadao-azul-120x26.png
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-163.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80dc64a254aaae62fb31563d40ddf7c06d83abed1c7e404e4c9fcc843502950c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
last-modified
Wed, 27 Oct 2021 17:56:11 GMT
server
Apache
etag
"10017c1-b25-5cf594f2de4c0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2853
expires
Tue, 24 Oct 2023 01:11:29 GMT
home1221.mp4
marsemfim.com.br/wp-content/uploads/2021/11/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/uploads/2021/11/home1221.mp4
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986238d8726c909875bb31386b751192574e0575addd074300485653c883685f

Request headers

Referer
https://marsemfim.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 11:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"35efb0-619b7f65-46eaa2;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb%2F%2BrS0UiG2cdebnEniar%2B%2BTkDpVa1t6OG9sIlLiNUsNzSPeWRSMjH05XJ5NwWvl9ELQw29uIsOBZJ7rxB6e8%2B%2Bqq8TQHYuBN1BacI9s0fmnsPUnfJ5%2B%2BbapUTT8QZO%2BYqHC"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-3534767/3534768
x-turbo-charged-by
LiteSpeed
cf-ray
8174aafb0c0a4145-LHR
alt-svc
h3=":443"; ma=86400
Content-Length
3534768
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 01:11:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
5sliCSqUCg2EHK1qx7zDIjuK+/MbmQ4vwxa+vkMPcV++bm/3eN5C7QeR3cHJJ9rcNDpWsZZ4YqHZzcPKO6YKDw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
swg-basic.js
news.google.com/swg/js/v1/ 		244 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-basic.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
4c8b4338151a09bd454dc78f4d9ae117e164ce8ac44f18311db1d2c8c7183b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 00:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71962
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 19:27:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:49:55 GMT
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.70.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
via
e7s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
52877
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 24 Sep 2023 10:29:33 GMT
server
cloudflare
etag
W/"c09-60618514a9dca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=172800
cf-ray
8174aafd8edc215b-CDG
web
onesignal.com/api/v1/sync/149956af-fb95-4fa3-b828-7e60e8b38924/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/149956af-fb95-4fa3-b828-7e60e8b38924/web?callback=__jp0
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52917fabf61dbd5a4b2389cf617d19d588d05071d2b0273b3c18047444d85f01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
908309a5-c194-4f24-a21b-5282c9328ece
x-runtime
0.035536
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"52917fabf61dbd5a4b2389cf617d19d5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8174aafb7ab003fd-CDG
access-control-allow-headers
SDK-Version
expires
Tue, 17 Oct 2023 02:11:29 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:36:55 GMT
x-content-type-options
nosniff
age
369274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:36:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
377918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:12:51 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5c49dba84c1cbff67508623a16507105bde5be084f2beabcc276b03c4555968e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:19:09 GMT
x-content-type-options
nosniff
age
294740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:19:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:02:57 GMT
x-content-type-options
nosniff
age
317312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 09:02:57 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:13:28 GMT
x-content-type-options
nosniff
age
269881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 22:13:28 GMT
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1D7ZB23JEM&gtm=45je3ab0&_p=1546167546&_gaz=1&cid=167769579.1697505090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697505089&sct=1&seg=0&dl=https%3A%2F%2Fmarsemfim.com.br%2F&dt=Mar%20Sem%20Fim%20-%20Especialidade%20no%20mar%20e%20na%20zona%20costeira%20brasileira&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1D7ZB23JEM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1D7ZB23JEM&cid=167769579.1697505090&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1D7ZB23JEM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.157 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:23:45 GMT
x-content-type-options
nosniff
age
377264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:23:45 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f94b7756c96411b34b90cedcd0234fb84c06127006b9af456d7633705ba8513b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:05:13 GMT
x-content-type-options
nosniff
age
306376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14192
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 12:05:13 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:39:59 GMT
x-content-type-options
nosniff
age
63090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 07:39:59 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:44:48 GMT
x-content-type-options
nosniff
age
235601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22476
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 07:44:48 GMT
tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:16:26 GMT
x-content-type-options
nosniff
age
280503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25980
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:47:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 19:16:26 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:18:14 GMT
x-content-type-options
nosniff
age
370395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:18:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700%7CSource+Sans+Pro:400,400italic,600,600italic,700%7CDroid+Serif:400,700%7CRaleway:300,400%7CRoboto:300,400%7CPlayfair+Display:300,400&display=swap&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 14:58:03 GMT
x-content-type-options
nosniff
age
209606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 14:58:03 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1546167546&t=pageview&_s=1&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ul=en-us&de=UTF-8&dt=Mar%20Sem%20Fim%20-%20Especialidade%20no%20mar%20e%20na%20zona%20costeira%20brasileira&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=598408672&gjid=1691926626&cid=167769579.1697505090&tid=UA-37604055-1&_gid=2025122209.1697505090&_r=1&gtm=457e3ab0&jsscut=1&z=1259972
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1546167546&t=timing&_s=2&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ul=en-us&de=UTF-8&dt=Mar%20Sem%20Fim%20-%20Especialidade%20no%20mar%20e%20na%20zona%20costeira%20brasileira&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=JS%20Dependencies&utv=load&utt=2360&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=167769579.1697505090&tid=UA-37604055-1&_gid=2025122209.1697505090&gtm=457e3ab0&jsscut=1&z=1327801458
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 18:40:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23458
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37604055-1&cid=167769579.1697505090&jid=598408672&gjid=1691926626&_gid=2025122209.1697505090&_u=YADAAUAAAAAAACAAI~&z=1086412047
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.157 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 01:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
878623792166593
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/878623792166593?v=2.9.134&r=stable&domain=marsemfim.com.br
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
85d84abda820321f99ba661428ae4bcda2d6b8390808cc83c98111134bb972d7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 01:11:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
5bm3HyMCCxW05wPD2yQc10FkJeYNP38U/LBQ5npnf427GkvuQyEDY+svjXNYppzB+mdwJ40CEDMgbG4bUPbhHA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 02:00:04 GMT
swg-mini-prompt.css
news.google.com/swg/js/v1/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-mini-prompt.css
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
64756c19bee5e8d01058b314e7d783f74489b1c667f8db67010d05cca73a8bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:07:08 GMT
x-content-type-options
nosniff
age
262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2717
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 21:44:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:57:08 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 00:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:45:26 GMT
sm.24.html
static.addtoany.com/menu/ Frame 48FC 		677 B
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.70.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1832265
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8174aafe3f4c215b-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 01:11:30 GMT
etag
W/"2a5-5edb40e6d10d8"
last-modified
Fri, 18 Nov 2022 00:47:55 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
core.f4498a6a.js
static.addtoany.com/menu/modules/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.f4498a6a.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.70.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://marsemfim.com.br/
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
via
e7s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1939519
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 24 Sep 2023 10:29:31 GMT
server
cloudflare
etag
W/"11650-606185138cb5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8174ab00ae4d0224-CDG
article
news.google.com/swg/_/api/v1/publication/CAow_ebKCw/ 		938 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/CAow_ebKCw/article
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
7ea980a2aa4fd3ca3284018a3be89c029000b7809af97421c0d24c2c1c682541
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37604055-1&cid=167769579.1697505090&jid=598408672&_u=YADAAUAAAAAAACAAI~&z=1414798816
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2392
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8174aafe8cf903fd-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 01:11:30 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=878623792166593&ev=PageView&dl=https%3A%2F%2Fmarsemfim.com.br%2F&rl=&if=false&ts=1697505090375&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697505090374.15...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ec=0&ev=PageView&fbp=fb.2.1697505090374.1506107887&id=878623792166593&if=false&it=1697505090252&ler=empty&o=30&r=stable&r...
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ec=0&ev=PageView&fbp=fb.2.1697505090374.1506107887&id=878623792166593&if=false&it=1697505090252&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697505090375&v=2.9.134
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Oct 2023 01:11:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fmarsemfim.com.br%2F&ec=0&ev=PageView&fbp=fb.2.1697505090374.1506107887&id=878623792166593&if=false&it=1697505090252&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697505090375&v=2.9.134
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
icon
onesignal.com/api/v1/apps/149956af-fb95-4fa3-b828-7e60e8b38924/ 		184 B
822 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/149956af-fb95-4fa3-b828-7e60e8b38924/icon
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7605e6ca7af5926f1ee83835fa30f98a8aebb8136ebcd0238c800422414990e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
332006ae-71d2-41ac-9ec6-f9512e68a1da
x-runtime
0.014603
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7605e6ca7af5926f1ee83835fa30f98a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8174ab012c06d6a6-CDG
access-control-allow-headers
SDK-Version
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c790cca988aa90049a7b9c6481eed1b8f0f4f94bc266619d1c5dbdf1e7a74a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51049
x-xss-protection
0
server
cafe
etag
9011303593457748140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:11:30 GMT
12bb430be526cebb26b7248683b51fab.js
scripts.cleverwebserver.com/ 		126 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/12bb430be526cebb26b7248683b51fab.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2f50870e00e797981885b7012cb5d5536efc0250fca1e967f7cf15f53d7b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
x-amz-version-id
G4NtRGLGZmBiLquJaDTVJGxHGt5TPS0i
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 22:25:26 GMT
server
cloudflare
x-amz-request-id
DB60TSQYKKHYWAGP
etag
W/"e79da9917a387a53630926ca43f8ebe0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
8174ab022d5b22af-CDG
x-amz-id-2
d3ufJWSsSDSn/aE/PMEFsz7t5bxuB1bSzrpEuCz67bh33FqZI2euZieeZZUouhTwJdnhD6mGq4M=
expires
Tue, 17 Oct 2023 01:41:31 GMT
asyncjs.php
adserver.latinon.com/revive/www/delivery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:30 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
11dac5182c2ea03a67dd87cdf9937cd5
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Expire
Tue, 17 Oct 2023 02:11:30 GMT
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
serviceiframe
news.google.com/swg/ui/v1/ Frame 9375 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1697505090548&sut=Ab9pFDZWT9P1uANvlU9kvXbupSYY0MMMnJRSYW3WoyHj067QK4ITNSI7ZzfM8b4cTWunkCx3G3XVfmPWbelukFrTGHy3KOVoXKeO0rY7BiYLQfOZxA%3D%3D&publicationId=CAow_ebKCw
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
c4ec095bea4ca3fa099f5f4c17ae50c2266a57a975447c9061a6ef9eaedc90c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MCdzh8mDwSM2AyPnW_Uwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MCdzh8mDwSM2AyPnW_Uwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Tue, 17 Oct 2023 01:11:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/ed=1/rs=ABXTjI7c-RgRs4ktXvMoRD4qzdElf55SuA/ Frame 9375 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/ed=1/rs=ABXTjI7c-RgRs4ktXvMoRD4qzdElf55SuA/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1697505090548&sut=Ab9pFDZWT9P1uANvlU9kvXbupSYY0MMMnJRSYW3WoyHj067QK4ITNSI7ZzfM8b4cTWunkCx3G3XVfmPWbelukFrTGHy3KOVoXKeO0rY7BiYLQfOZxA%3D%3D&publicationId=CAow_ebKCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 15:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 15:52:51 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTj... Frame 9375 		197 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1697505090548&sut=Ab9pFDZWT9P1uANvlU9kvXbupSYY0MMMnJRSYW3WoyHj067QK4ITNSI7ZzfM8b4cTWunkCx3G3XVfmPWbelukFrTGHy3KOVoXKeO0rY7BiYLQfOZxA%3D%3D&publicationId=CAow_ebKCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
ea0fa806e0406db8c007bc057500bfc2c320d17b578df9d44a2d56292586b68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70949
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 18:49:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:18:45 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 9375 		0
206 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8TSkJR96KCVqmck7i3uswg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 17 Oct 2023 01:11:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-8TSkJR96KCVqmck7i3uswg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
6c945191-ab99-42e4-a4bd-60982eb97074
img.onesignal.com/permanent/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/6c945191-ab99-42e4-a4bd-60982eb97074
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe0e2665be7c94ca46528decce19ab9bd99bbb374e75f0b967dfb50de578c24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Tue, 17 Oct 2023 01:11:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtml1w8HZXVd5_gMx3l7pUHepg70PyWBWjLWb-GcRT2PAolLPL3SxkVyrGBmvaO9CFKsKliaVM-J-yMDJyieEvF6E3SYbmH
x-goog-meta-x-goog-source-etag
"2e7bad870ed8a3aacaacb9637a3c7e40"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
20239
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:25:36 GMT
server
cloudflare
etag
"-CPap66KIlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345136043254
content-type
application/octet-stream
x-goog-hash
crc32c=Bo1RJw==, md5=Lnuthw7Yo6rKrLljejx+QA==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
20239
accept-ranges
bytes
cf-ray
8174ab019f6503fd-CDG
expires
Fri, 17 Nov 2023 01:11:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_fy2021.js?bust=31078858
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
f0f3e6c5a15526ca775b8f23e7d7da28c81a443851690dfc6edbe6df49089d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136703
x-xss-protection
0
server
cafe
etag
16667841597755942193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:11:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 5320 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Mon, 30 Oct 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
db2b39edbfdb1ecf1dfc437b38508e4c88f0be979f655976c090639be9ea20e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43842
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
ca86b49bb4e23770e711f22e49c86dda895840f6a0ddff81adf511d88b7b35e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1837
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
cookie.js
partner.googleadservices.com/gampad/ 		399 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=marsemfim.com.br&callback=_gfp_s_&client=ca-pub-3162263873650055
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6fb0a61f7802f52b94ef88eb2d820d81cbfee399eb2919e404cee9d8a4cb3986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 754B 		727 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=49809442&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505090995&bpp=11&bdt=2368&idt=127&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&correlator=1746554946651&frm=20&pv=2&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5HQXe8yEJW&p=https%3A//marsemfim.com.br&dtd=167
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4d7ad1bd25e1fd955f01bea8161dcf628b4e1829dc6f28835ee87c42fd2344e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
357
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 01:11:31 GMT
expires
Tue, 17 Oct 2023 01:11:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ui.cleverwebserver.com/ 		160 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84aecfc34c0e1f64eb4a7c572d4be4208379acdf9671cb2ff267ac9a3878cd60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8174ab03fe5f22af-CDG
content-type
application/javascript
ads
googleads.g.doubleclick.net/pagead/ Frame 4D10 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
129737ce69996a252f10fd1977d7557778285b37e584aef8ffede5129f6c4265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14921
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 01:11:31 GMT
expires
Tue, 17 Oct 2023 01:11:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0786 		727 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=280&slotname=9139786369&adk=650593086&adf=3833015032&pi=t.ma~as.9139786369&w=1100&fwrn=4&fwrnh=100&lmt=1697490058&rafmt=1&format=1100x280&url=https%3A%2F%2Fmarsemfim.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091009&bpp=4&bdt=2382&idt=193&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90%2C1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=RYS3pst56b&p=https%3A//marsemfim.com.br&dtd=199
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9e213036e055bb91497be04fff5b310817a7cce448b4fd12eca7c2452230969c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 01:11:31 GMT
expires
Tue, 17 Oct 2023 01:11:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		236 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		1 KB
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
e505675e74a2562460c2ce86929d6b656d70dd562234f83c3e511a59df5c95e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
2e736aa5278761ff11925b6072d2b0e61d4d731df2c9693698407bc5bb7a8125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6419
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9D16 		24 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&adk=1812271804&adf=1573534164&lmt=1697490058&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fmarsemfim.com.br%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091042&bpp=3&bdt=2416&idt=242&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90%2C1100x90%2C1100x280&nras=1&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=273
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
56dd5c42770c0eab9db9b62478a94c3d90256950033134c9cf5f1ffb69a3a94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1956
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 01:11:31 GMT
expires
Tue, 17 Oct 2023 01:11:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=onesignal-slidedown-container&cls=onesignal-slidedown-container%20onesignal-reset%20slide-down&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 9375 		155 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-5630169382987470833&bl=boq_subscribewithgoogleclientserver_20231015.09_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=11492&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
a034ed55e9341043adfee46b50afad8f6a1fd0db8f2e5e985541fadc7ba75a83
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=50301&c=DE&r=NW&l=151&b=Chrome&os=Win10&mob=0&v=1.54.0&ref=aHR0cHM6Ly9tYXJzZW1maW0uY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8174ab04ef2b22af-CDG
content-length
43
content-type
image/gif
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1... Frame 9375 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5-y4nXw7-pW9yG_4Zvhcpl-0cttQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
8c1346314bcf1f9d3fa2e8d99ad9e82dbd8960f9779fc52fa2af13601e0c65f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37146
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 17:28:08 GMT
log
play.google.com/ Frame 9375 		131 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:32 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 17 Oct 2023 01:11:31 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 17 Oct 2023 01:11:31 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 17 Oct 2023 01:11:31 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9375 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:32 GMT
log
play.google.com/ Frame 9375 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qDnMETCuSfo.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6uF05F_EK_7HlzyeROkifyR-JkMw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:32 GMT
nunito-v8-latin-700.woff2
marsemfim.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53

Request headers

Referer
https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18912
last-modified
Sat, 16 Sep 2023 10:59:19 GMT
server
cloudflare
etag
"49e0-65058a87-2ff456;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zM2JcwFqeAOdWVr3G6dSfdUeDJSCtBPx%2BZiKgtwHWt%2B5hLFUnIpaYMiWD6eDa2zR1OX1H2%2B4BlJRnN5plrhAZExQerdYxEG1SGvmxL4cYFZxFlyB5esFp8qvncL9jpLAt4Q7"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174ab072b434145-LHR
expires
Sat, 13 Apr 2024 23:05:16 GMT
nunito-v8-latin-regular.woff2
marsemfim.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marsemfim.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d

Request headers

Referer
https://marsemfim.com.br/wp-content/litespeed/css/a92d230ca1c68ec744f3f4c941201ba2.css?ver=20936
Origin
https://marsemfim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18796
last-modified
Sat, 16 Sep 2023 10:59:19 GMT
server
cloudflare
etag
"496c-65058a87-2ff45b;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb8JYh7%2FA%2BJI3YTJNbhJbKp3HnytXbitiwMk0dWL%2BX6nLWJGg3bvKS8hkzFQoLZB%2F6qGDL3bMJFPtv2lo2m4jcItwwNaG2RVMqE7GTppySjhfaCw5Ta2j22%2Bp1C4AGSx9Xj3"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8174ab072b474145-LHR
expires
Sat, 13 Apr 2024 23:05:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F0AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0Ou9Q98tZdLSGPac9u8PqpquwAjXrJyCbsrq_Lz9EMCNtwEQASAAYMkGggEXY2EtcHViLTMxNjIyNjM4NzM2NTAwNTXIAQmoAwHIAwKqBPcBT9B_bzM7AGTcyJcsjBcoXdbVebGlmMZrl9SUbPOw3IUjz61FQ5zEVZbT_6cy7pOphiber3HyRayvKkcDMfMrsTGPd42cwCfSwCuTQ14c8WuGNxfXPL1srYrwe3R7lpB4avcOeSxvAjaH0f00l_0oicOZpHIvFWfLSH4VmAynDv9bP_fV0LHJEwzd1C9wlo4_yXaiAledbk6m2ALFK1Xlv47bRDGSrC8IcA7TOVxKUhU2JhHPq-LzBLv9otLHazIGzTYLGToizDuc-DVa2VxaKWMMZQLvXjAzCFSTSUCo06HbQXkozTEJpvJ8Gx7cwBg1UeABLERBeoAGxJChpfKYiaFFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTYyMjYzODczNjUwMDU1GAA&sigh=4XjvCMT_qVU&uach_m=[UACH]&cid=CAQSSwDICaaNRD7QJNMEYQfc4TUDU25JJi91pCLrBAzc9rS2_608D0XaPo13YSDEPcodVv_cNDsIsj-dGRArYcBv_2dqDhM_R5hg9HJvjBgB
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 01:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:11:31 GMT
/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b529afd-6c8a-11ee-86e2-4ebd9928c495/ZS3fQwAGKVIH_Y52AAuNKvZRGAXfyUK-bEg8tA/V2HGMJL4EAYUDGEI3XMNSBBZGMLHNG5YADLHFNVFDWWY7G67PBDJXYICQQQWCIUCSEFCRW6... Frame F0AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b529afd-6c8a-11ee-86e2-4ebd9928c495/ZS3fQwAGKVIH_Y52AAuNKvZRGAXfyUK-bEg8tA/V2HGMJL4EAYUDGEI3XMNSBBZGMLHNG5YADLHFNVFDWWY7G67PBDJXYICQQQWCIUCSEFCRW6ZLSFVA2BSQHIFG2WUGCBCGABLT2ZY47GLZ23AA2IKBCT6NK3YVDHQZAMOHQNCDQ45MI4FH63RGIXDJI6ALGD6XSH66MCQAAQ6MXZQPZXOYSYWPSWLE3X3YWSKYZB23JXG44UOZPINYHDFA5WOEUCCH4ZPLWDZGND5Z3QDSVDYEI47N43FOQAPN743BRXHHFXXOEKPI33BYCIXHJF5DA5R4DEVHLPDUQWSYMZXWO6R2572TKAAWX2OPUQVNGN7AZ2WYGDTUMDI3VPDLT2XOBBRABEFDCIUECTAEYQD2KGAYYKDWVLZ4J2PPW322YS7FMAJ4ACDLS63AM4WNRESZJAVXJRCQJMPGJBGHNL5ON4Y4ZHTNHWRLBLTFGWSTMPNCWY23IDLCVZE5X4SXFUX6F42BKHZTSK4GO3ZRVNLTLZNKRMA/?
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.225 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 17 Oct 2023 01:11:31 GMT
Content-Length
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame F0AC 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 17 Oct 2023 01:11:31 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Tue, 17 Oct 2023 05:11:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F0AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
28188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 17:21:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F0AC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
41872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0AC 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:11:32 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F0AC 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 01:11:31 GMT
date
Tue, 17 Oct 2023 01:11:31 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542R7JNVRIHRJLGFLLGPILH7PKU2FF7ELQPE3JC2NXMYEXSIGEG3XHFY7EX6VKEYCDTQ37XO33DP2JMCO5UJCYEUOP53Z6G4FOEQHNV66LUFUYJMLYJ3MBOV35KZAN2QN54BAIX56NNXVTSZ6HOV... Frame F0AC 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542R7JNVRIHRJLGFLLGPILH7PKU2FF7ELQPE3JC2NXMYEXSIGEG3XHFY7EX6VKEYCDTQ37XO33DP2JMCO5UJCYEUOP53Z6G4FOEQHNV66LUFUYJMLYJ3MBOV35KZAN2QN54BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NH7GSP5GNON5R6ORA3G6LOCVFFFXDUBDQQEUIC6NAXW5HAZWODJTWAYMUCSTZWZU5UZL3OBU5B74C6GXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJER4P6Q34MKJR7JR4EGDSYYUGPP7IBMAY6HHH4OYLCFEAUUZ4IUQP5ZN7Q6EQFOBJ4Q/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.225 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:31 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
fa4594cfeab47626beacaa648e15f00bcc.png
zem.outbrainimg.com/p/srv/sha/ae/ea/cc/ Frame F0AC 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/ae/ea/cc/fa4594cfeab47626beacaa648e15f00bcc.png?fit=crop&crop=edges&thomcrop&w=180&h=90&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3162263873650055&output=html&h=90&slotname=6459451008&adk=259257353&adf=342417956&pi=t.ma~as.6459451008&w=1100&lmt=1697490058&format=1100x90&url=https%3A%2F%2Fmarsemfim.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697505091006&bpp=3&bdt=2379&idt=187&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1100x90&correlator=1746554946651&frm=20&pv=1&ga_vid=167769579.1697505090&ga_sid=1697505091&ga_hid=1546167546&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078363%2C44805112%2C31078301%2C31078858&oid=2&pvsid=3776373745201146&tmod=350284673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Q0jdMTeHh2&p=https%3A//marsemfim.com.br&dtd=191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5e8fbd2f6aa9caf116845100b5a77aee47bb2a81dc994198f892c81cebb9169a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1133085
x-cache
HIT, MISS, HIT
x-imgix-id
fc82adc524d746a4dec857ca6e63e1c2b004f05a
cross-origin-resource-policy
cross-origin
content-length
8930
x-served-by
cache-sjc1000126-SJC, cache-fra-eddf8230076-FRA, cache-fra-eddf8230126-FRA
x-imgix-render-farm
01.140360
last-modified
Tue, 03 Oct 2023 22:26:45 GMT
server
imgix
x-timer
S1697505092.884913,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
truncated
/ Frame F0AC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
534936de46764fb905f6a2b088562e2f203d1e310621639d249778be69a3d3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1D7ZB23JEM&gtm=45je3ab0&_p=1546167546&cid=167769579.1697505090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1697505089&sct=1&seg=0&dl=https%3A%2F%2Fmarsemfim.com.br%2F&dt=Mar%20Sem%20Fim%20-%20Especialidade%20no%20mar%20e%20na%20zona%20costeira%20brasileira&en=timing_complete&_ee=1&ep.name=load&epn.value=2360&ep.event_category=JS%20Dependencies&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1D7ZB23JEM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-spa-1.244.0.min.js
js-agent.newrelic.com/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.244.0.min.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b594de64cb38e1dead7fbde0ecaec3cc5e86fcffe980a31a277a2882fd244d96
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ZpbvAzso1vE68JD5ulMc_SWMwuP6aNuX
content-encoding
br
via
1.1 varnish
date
Tue, 17 Oct 2023 01:11:32 GMT
strict-transport-security
max-age=300
x-amz-request-id
71FTTGP40J89R6X4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28495
x-amz-id-2
GEbCH0nK9+EUzVn85EUq2LrfbhyfajIPY+IL9PAEx4e8+dTo8jsLSYVHkR2OLC58FBXb70XECMQ=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 11 Oct 2023 22:06:04 GMT
server
AmazonS3
x-timer
S1697505092.381490,VS0,VE0
etag
"c80f34e072ebf2c87e6c337ede3500a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
361468
asyncspc.php
adserver.latinon.com/revive/www/delivery/ 		636 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncspc.php?zones=1248&prefix=revive-0-&loc=https%3A%2F%2Fmarsemfim.com.br%2F
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a4e74053b2033e928ee8b420aa93bd75b3dbcf9a5d043988f5c106b82f59a490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:32 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://marsemfim.com.br
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
28a9f985749eaa70e636fc6937a107f30000334e4b1787327c0c2582874e34fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12129
x-xss-protection
0
spt
tg1.aniview.com/api/adserver/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=630646454a823e6968229da6&AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4882ed2fcca7bd63d4885c3fe51f8959aafbda2e0e8763393bd395f88e7d4a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:32 GMT
Content-Encoding
gzip
vary
origin
X-HW
1697505092.dop224.lo4.t,1697505092.cds304.lo4.shn,1697505092.dop224.lo4.t,1697505092.cds248.lo4.p
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6235
lg.php
adserver.latinon.com/revive/www/delivery/ 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adserver.latinon.com/revive/www/delivery/lg.php?bannerid=4436&campaignid=958&zoneid=1248&loc=https%3A%2F%2Fmarsemfim.com.br%2F&cb=21f64053a4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:32 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
82eab2dca0
bam.nr-data.net/1/ 		40 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/82eab2dca0?a=1062071176&v=1.244.0&to=YQZUMkNXXUFYBxBZDFhMYxRYGVpcXQEcHhNeEw%3D%3D&rst=5255&ck=0&s=dc2c1269f85b581e&ref=https://marsemfim.com.br/&af=err,xhr,stn,ins,spa&ap=1259&be=1352&fe=3691&dc=1037&at=TUFXRAtNTk8%3D&perf=%7B%22timing%22:%7B%22of%22:1697505087204,%22n%22:0,%22f%22:877,%22dn%22:878,%22dne%22:878,%22c%22:878,%22s%22:1184,%22ce%22:1233,%22rq%22:1234,%22rp%22:1352,%22rpe%22:1375,%22di%22:2160,%22ds%22:2388,%22de%22:2389,%22dc%22:5036,%22l%22:5036,%22le%22:5043%7D,%22navigation%22:%7B%7D%7D&fp=2042&fcp=2042
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230120-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:11:32 GMT
player.js
player.aniview.com/script/6.1/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
ae5ba14d979ec19650dea709df0da20f78bb81f757d7b967d85cd70439ddabe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu26NWmFdDnAJhoJXTgrpZ76hqCCbLW7Ftwjap8f_OvpabpHyu2XLvJgTzil1YkCJUz9YThfi7GtC9v8MBnOMjeJw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13529
last-modified
Sun, 15 Oct 2023 07:25:12 GMT
server
UploadServer
etag
"63210dc93a783b3e6c7b52188965836d"
vary
Accept-Encoding
x-goog-generation
1697354712384156
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=STleEQ==, md5=YyENyTp4Oz5se1IYiWWDbQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13529
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:33 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d31fb2628a06116ff22aef3&cid=63064602fe6db549742775d4&cb=1697505092758&r=marsemfim.com.br&stagid=630646454a823e6968229da6&stplid=622621151af7757c9b6e9ad7&d35=&d65=Control&d74=&e=playerLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.131.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-131-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3ECC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 14:30:37 GMT
expires
Tue, 15 Oct 2024 14:30:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5564 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
4f8a31de114b9ef4a52edc00f41ba9b1bbc4c6c24b8a334c9717da6eba643c05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eSaKrjixxYwEgXasIEsPfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eSaKrjixxYwEgXasIEsPfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 01:11:33 GMT
expires
Tue, 17 Oct 2023 01:11:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 5564 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3776373745201146&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
AVmanager.js
player.aniview.com/script/6.1/ Frame 7FE9 		449 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
5cc3337e08f7568d8af3a8dba5afd63320bcab263f3463a06687300a5468b886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvvT5XueD19xYnma7T58GOyc_JKRrNXJ9qr0GgoVNfO2k2Giyy_c6X5PlD8jz-TrdKnes6dXpH1Zq5QMNM_mabXmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131171
last-modified
Sun, 15 Oct 2023 07:25:12 GMT
server
UploadServer
etag
"4b42eddaea9071852393805bce14e317"
vary
Accept-Encoding
x-goog-generation
1697354712131937
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=egmavA==, md5=S0Lt2uqQcYUjk4BbzhTjFw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131171
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:33 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 3ECC 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:30:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
38455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 14:30:38 GMT
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		573 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		528 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		398 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ON.png
dkae4asr0dphj.cloudfront.net/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkae4asr0dphj.cloudfront.net/images/ON.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb0d2599e5748beb5076038dfed7583534a44542afbcca7b81b6f1c95ca7a1e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
wdBj49_vrJaV8PgEf3oFyvxdCwrH_E20
date
Mon, 16 Oct 2023 07:04:42 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 16:40:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65213
etag
"871287edbd88c5f99a5d411c7b6633ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
35452
x-amz-cf-id
WlfzfD_LXg01XAuJvg7Kam5rHbI7uBgUDhjqyTXWYK1dw5j4WOgxyw==
/
go1.aniview.com/api/adserver/tag/ 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=630646454a823e6968229da6&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fmarsemfim.com.br%2F&AV_CHANNELID=63064602fe6db549742775d4&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=marsemfim.com.br&AV_DADPOS=1&AV_OPLACEMENT=5&AV_TAG=630646454a823e6968229da6&AV_TEMPLATE=622621151af7757c9b6e9ad7&AV_GPID=/5d31fb2628a06116ff22aef3/630646454a823e6968229da6/marsemfim.com.br&d36=6.2.135&responsive=1&sver=4&avtoken=93368&omv=1.0.1&AV_D65=Control&clsid=c377eaed-674b-482b-8ffc-1f008ac474ef&rando=39&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1697505093372&wfc=1
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-243-137.compute-1.amazonaws.com
Software
/
Resource Hash
0514c2b8c207440f57e0cd915b1dbe6a0c565636eec514a8060564d6f78e894e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://marsemfim.com.br
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 05 Oct 2023 11:24:53 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=marsemfim.com.br&sn=&ic=0&tgt=0&app=&wi=480&he=270&test=&d36=6.2.135&apppkg=&fv=1&proto=https&d65=Control&clsid=c377eaed-674b-482b-8ffc-1f008ac474ef&rando=39&pid=5d31fb2628a06116ff22aef3&cid=63064602fe6db549742775d4&stagid=630646454a823e6968229da6&stplid=622621151af7757c9b6e9ad7&e=inventory&vi=100&cb=1697505093371
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.131.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-131-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3ECC 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G5EEDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161774/6973/ Frame 7FE9 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
758efa04a02527281686d63258ae07733b3cfd4322aca06f9636ec8c128ecadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:54:49 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168835
accept-ranges
bytes
content-length
68440
expires
Thu, 19 Oct 2023 00:05:29 GMT
pixel
ap.lijit.com/ Frame BC25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 17 Oct 2023 01:11:34 GMT
X-Sovrn-Pod
ad_ap1ams1
cookiesyncendpoint
sync.aniview.com/ Frame B314
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=200&key=OPTOUT
0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 17 Oct 2023 01:11:34 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 17 Oct 2023 01:11:34 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=200&key=OPTOUT
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 71B9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66207
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 17 Oct 2023 01:11:34 GMT
expires
Tue, 17 Oct 2023 19:35:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 61A2 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Tue, 17 Oct 2023 01:11:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 6703 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 9CAA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=36b859d438f59e4bd6fdfb87dc88277&_fw_gdpr=1&_fw_gdpr_consent=
0
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=36b859d438f59e4bd6fdfb87dc88277&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 17 Oct 2023 01:11:34 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 01:11:34 GMT
Expires
Tue, 17 Oct 2023 01:11:34 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=36b859d438f59e4bd6fdfb87dc88277&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1697505094067029-350
auto-user-sync
ads.stickyadstv.com/ Frame D746 		43 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-89.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive Transfer-Encoding
Content-Type
image/gif
Date
Tue, 17 Oct 2023 01:11:34 GMT
Expires
Tue, 17 Oct 2023 01:11:34 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1697505094034047-331
cookiesyncendpoint
sync.aniview.com/ Frame 9C58
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D105%26pid%3D59c9148...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
0
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 17 Oct 2023 01:11:34 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Tue, 17 Oct 2023 01:11:34 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1697505093713-980755215479-001762-012-005477&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
server
envoy
x-envoy-upstream-service-time
0
sync
ups.analytics.yahoo.com/ups/58815/ Frame 3B54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Tue, 17 Oct 2023 01:11:34 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame BD2E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 01:11:34 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 17 Oct 2023 01:11:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=marsemfim.com.br&rs=marsemfim.com.br&sid=99238&t=1697505093&cip=176.115.237.224&sn=&tgt=0&osv=10&bv=118.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&d64=cb33ef766d6fed34652da2b0147f3754&d63=cb33ef766d6fed34652da2b0147f3754&aafaid=&proto=https&uid=1697505093713-980755215479-001762-012-005477&cha=0.7&stagid=630646454a823e6968229da6&stplid=622621151af7757c9b6e9ad7&d35=&d36=6.2.135&cb=25053607669&d39=&d65=Control&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=63064602fe6db549742775d4&e=request&cb=1697505094070&asid=631a0f266c42491370439176%2C630fb0b29cf13446576d6654%2C630e38b80aeade51a46df935%2C630e38adca13b16d3f03e144%2C6324ebc51cccc02f9a5271f7%2C632e08cdb9099633234eff24%2C630646aa6874ec6b4017d83a%2C64382d4357998f6ca20a4a74&ofpr=0.1%2C0.1%2C0.1%2C%2C0.1%2C0.1%2C0.1%2C&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.131.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-131-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=marsemfim.com.br&rs=marsemfim.com.br&sid=99238&t=1697505093&cip=176.115.237.224&sn=&tgt=0&osv=10&bv=118.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&d64=cb33ef766d6fed34652da2b0147f3754&d63=cb33ef766d6fed34652da2b0147f3754&aafaid=&proto=https&uid=1697505093713-980755215479-001762-012-005477&cha=0.7&stagid=630646454a823e6968229da6&stplid=622621151af7757c9b6e9ad7&d35=&d36=6.2.135&cb=25053607669&d39=&d65=Control&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=63064602fe6db549742775d4&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1697505094070&asid=6502cdafb14cc47b400dc2a6%2C60e2dc60ee25575c625f9fd5%2C6422be5b87a160e5fb0950a3&ofpr=%2C0.5%2C0.5&fpo=%2C%2C&ri=1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.131.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-131-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7FE9 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdujJ0c3FaRlChVeSuXHECn3TP_KXt9PiojkGhUnNpbiocspknvbrTjItl5zsgqT32hqLEn_ykvZ6LGodXfDofCM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
72053
last-modified
Sun, 15 Oct 2023 07:25:13 GMT
server
UploadServer
etag
"056781e1da63417ffc71cc003404ba60"
vary
Accept-Encoding
x-goog-generation
1697354712881300
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=2vC5+A==, md5=BWeB4dpjQX/8ccwANAS6YA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
72053
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:34 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7FE9 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv7Vd3ojb5XJzaQjvmwbTEHFS3CgxayaxhNXRRSL1pWxk2_mCxdELdcYyweM4pDdofr92lerJ64w82hNlkUbzoP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23158
last-modified
Sun, 15 Oct 2023 07:25:13 GMT
server
UploadServer
etag
"0343cf9c108f72c0a0f19ff89a95a702"
vary
Accept-Encoding
x-goog-generation
1697354712884217
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=TV5fuA==, md5=A0PPnBCPcsCg8Z/4mpWnAg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23158
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:34 GMT
avpb7.51.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7FE9 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt83PaLRlQ2MzuaC5WSz_hxbjBEMBQ8XougRt1t0q__RkTsJ8jktZMZ2IDtkJXmF7I4I1s2yg0hKI5xwfhHC_wIZg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21046
last-modified
Sun, 15 Oct 2023 07:25:13 GMT
server
UploadServer
etag
"d338bfb55571fbea3f295da6aa954e44"
vary
Accept-Encoding
x-goog-generation
1697354712885174
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=RS081w==, md5=0zi/tVVx++o/KV2mqpVORA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21046
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:34 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7FE9 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
faf6dbe465a4d62df2472ca6a0069afb413923aea09c4f2dc85093b62dbcd794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu33AqHw6Z2_Dv6qaEapsf1cBCGLOh1bma_TcBk9SgYPqJeQtW8wkt_lp3fEkcRULrTErkSHmAVgPSDt35YZChbRxY4icWi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21028
last-modified
Sun, 15 Oct 2023 07:25:13 GMT
server
UploadServer
etag
"28d0ca30198f186e82e39f5e897a25c4"
vary
Accept-Encoding
x-goog-generation
1697354712875937
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=tFVjAQ==, md5=KNDKMBmPGG6C459eiXolxA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21028
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:34 GMT
avpb7.51.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7FE9 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a5.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.234.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-234-15.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
96846fb895748b870e5f744b328ae2f611a996fe04e023547f5534121c41d86f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv9Wz04Mr70_sba7LIIIxErVD8XwXjpEn-0wSxK3INmb-4hMH8uIwuARY1IwUQ8zcwALwytA11VJxwwoGywFsVayQqLzBBd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22568
last-modified
Sun, 15 Oct 2023 07:25:13 GMT
server
UploadServer
etag
"602db5c4f87ea177d15199110f7601a7"
vary
Accept-Encoding
x-goog-generation
1697354712912133
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=j7niBw==, md5=YC21xPh+oXfRUZkRD3YBpw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
22568
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:21:34 GMT
adv
grid.bidswitch.net/ Frame 7FE9 		60 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/adv?auid=405490&u=https%3A%2F%2Fmarsemfim.com.br%2F&r=1697505093&gdpr=1&gdpr_consent=&bf=0.98&cbb=7505094058
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:34 GMT
Server
nginx
Content-Type
text/xml; charset=UTF-8;
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
60
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 7FE9 		28 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=441462&zone_id=2542240&size_id=201&p_aso.video.protocols=2,5&p_aso.video.maxduration=120&p_aso.video.mimes=video/mp4,video/webm&p_aso.video.playbackmethod=2&rp_schain=1.0,1!latinon.com,2460,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-67.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 17 Oct 2023 01:11:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
608235
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7FE9 		67 B
585 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33645790&playerSize=AV_WIDTHxAV_HEIGHT&ltlg=AV_LATITUDE,AV_LONGITUDE&userAgent=AV_USERAGENT&ip=AV_IP&_fw_site_category=AV_CATEGORY&_fw_channel_name=AV_CHANNEL_NAME&_fw_content_title=AV_TITLE&_fw_content_language=AV_LANGUAGE&_fw_gdpr=AV_GDPR&_fw_us_privacy=AV_CCPA&schain=AV_SCHAIN&loc=AV_URL&cbb=7505094065
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-89.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://marsemfim.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1697505093733097-414
Expires
Tue, 17 Oct 2023 01:11:34 GMT
82eab2dca0
bam.nr-data.net/events/1/ 		24 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/82eab2dca0?a=1062071176&v=1.244.0&to=YQZUMkNXXUFYBxBZDFhMYxRYGVpcXQEcHhNeEw%3D%3D&rst=6884&ck=0&s=dc2c1269f85b581e&ref=https://marsemfim.com.br/
Requested by
Host: marsemfim.com.br
URL: https://marsemfim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 17 Oct 2023 01:11:34 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://marsemfim.com.br
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230120-FRA
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=3776373745201146&bg=!5Oel56jNAAbFpEfJ5aQ7ADQBe5WfOImJC3l5DMcdTUNrd31zihvDT-UMcuhQLig47xWLCGArlMnx4-gcFfD377MIAIv0AgAAAaFSAAAAFGgBB5kC8OZaAkkHDtdgajpbWAWmQ4fBV4wWyJ_rT3XgwHfAHcOOGAw0INeG4ZPqOde4hhNSBKGSuAqCOzLlVYd8Px2z-0i4GKzgrA0MetTK7TRMvyXsG2na7IqlcnmS3dXWN6LxP8XsUrBZLdZwE-2V-R70yA87GOGnTjuWz_fJRO-teKe_OmB7ux46SA-6gJy3tuL7IvS_LBpX3m0NCLeIqgma2lmQtWAVKLRKOurUpwhjUeQISK2FzeVY5pgEDLjvtR41OV1fJgj5VvvyKVkQo6yWWuHKxQmDNJX0Mn6XON8x9KkS4va5aR296LBIBloxfqtjAplFr5xBQlxg4nuB0jZv84xp493q2RL02mf8V7tKaSC3SdbxfibeVgZMTIhTcDal4QimgwnxfNU2dMBtCTAhsNIJB38DS9J1LTgha0hGBCRfi4SB4pzV0NuNDZ-gc1LOpHEJTK6sXjCLv3trBYopg42PBp6_Njexqi8_raH43JbDmv6F-3t_aUOG4Zv4b5xFrV6i3XmcFKNn3wHs6Uu7IRvp8JfryOjbelYQx7cAbmpVAanE01TQXMBX42mLZGdy7XMuxwmq-Ayl1INEmszv-Wc4jr1BPgLu90_D3ZINhjLqmVZJ3b3k6wYP1R34G_xRI7gUCa-3I9CMkyJee35k9hbUvtBV6M7PqAu40qnqg_PSMTtQgq52TxvTGSP2NGRc8_rCyISJEcQpdKzPH8wOFsRwrM3ZlTK8MzYQk3SB9YC3m-BujyA9maKJp5Uqn3J7QHbeYH-YofXlDpyQorMlshpAoTArgFkhP2Od7H5nx4JMpM0bXdPcICBkRJ0lPHVlYYxNxqxK7iSS5oPNKHx6SVD2V8orepLyQMBgSd6cyvySKMp9FBsFy1r2VdAKKZW7SmylIFHrBq1LCFIeZbJR2whaBDd1n-Xaz3MKYkCMT5f9MEx3xAY23sprFGr0A6xtzkMTZ15n3Duag-d51QZbNJCmb8iQxL-Bm1x7mG2rH62V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
prebid
ib.adnxs.com/ut/v3/ Frame 7FE9 		144 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6a230ae30eb7898d2bbecf15e24e90b90505ee5aeb10608931318109daadc75e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:34 GMT
an-x-request-uuid
302b1182-14c3-40e6-8e0a-1e3d7f6b830b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 7FE9 		186 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a21ab9f7128bcfce86782cd40915b97e202856bb9753b69cbfe33f91fecccc8a

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://marsemfim.com.br
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
/
colossusssp.com/ Frame 7FE9 		2 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.240.219.212 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://marsemfim.com.br
Date
Tue, 17 Oct 2023 01:11:34 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
prebid.media.net/rtb/ Frame 7FE9 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUK67P42
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9aad781b215e15673168bebd0bd12139c20e5e814f28160f7dafc8af5fd682f3

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:34 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://marsemfim.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 01:11:34 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7FE9 		145 B
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
54b3ade0ca341e6c0e20ec446d96df592739252ea1f2acfeb8dbd326e5a2bac4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:34 GMT
an-x-request-uuid
85edf474-fa10-4b7e-94a7-bc5f7c6b7301
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7FE9 		67 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=26305010&componentId=prebid&componentSubId=mustang&timestamp=1697505094415&_fw_bidfloor=0.1&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=266004937&schain=1.0%2C1!latinon.com%2C2460%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221478693e-6b48-4d15-b0c4-041c0272f3ca%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fmarsemfim.com.br%2F&playerSize=480x270&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-89.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://marsemfim.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1697505094136079-381
Expires
Tue, 17 Oct 2023 01:11:34 GMT
hbjson
grid.bidswitch.net/ Frame 7FE9 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d2baa1f8be2fe314dc00167542278087b0c8bec653f9626c2a5e016e6be581b7

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 01:11:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ Frame 7FE9 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://marsemfim.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PugMaster
image6.pubmatic.com/AdServer/ Frame 71B9 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26029727&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1697505093713-980755215479-001762-012-005477%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:32 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame BD2E 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76355
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:09 GMT
khaos.json
token.rubiconproject.com/ Frame BD2E 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
prebid
id5-sync.com/api/config/ Frame 7FE9 		135 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://marsemfim.com.br
date
Tue, 17 Oct 2023 01:11:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame 7FE9 		141 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
212e1a19e68aff906fe6d6005a59b8d0f8c07d5aece3a2db61413681ea56cb3d

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 01:11:35 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8174ab21aef10205-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ Frame 7FE9 		44 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 01:11:35 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://marsemfim.com.br
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
checksync.php
contextual.media.net/ Frame C169 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
57628b3d7540c6567e7107d7f98c78a64d2e57e4b50c6dd472e3a29e77dd2966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11705
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 01:11:36 GMT
expires
Thu, 19 Oct 2023 01:11:36 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8E0C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 Oct 2023 01:11:35 GMT
ETag
"623de86a-cf34"
Expires
Wed, 18 Oct 2023 01:11:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
iframe
sync.colossusssp.com/ Frame D3CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.116 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 17 Oct 2023 01:11:36 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.html
eus.rubiconproject.com/ Frame 75E3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 01:11:35 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D4ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1697505094590
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://marsemfim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.81.102 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a38827addb45194f918290a774a071&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7291292471483411530&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTM4ODI3YWRkYjQ1MTk0ZjkxODI5MGE3NzRhMDcx&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELvX9oZd53wOBkXh6rCLArs&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?userId=AAGV6k7KW78AABmHVt6Exg&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a38827addb45194f918290a774a071?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Y7ALHzhE2oMveP9qDGHAJyEvMsYtpP66p5AIjmin~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Protocol
H2
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1697505096844045-400
Expires
Tue, 17 Oct 2023 01:11:37 GMT
usync.js
eus.rubiconproject.com/ Frame 75E3 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76354
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:09 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 7FE9 		33 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://marsemfim.com.br
date
Tue, 17 Oct 2023 01:11:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 75E3 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
async_usersync
ib.adnxs.com/ Frame 8E0C 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:36 GMT
an-x-request-uuid
2901e517-abeb-4717-8916-01587f5f6c9e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
371.json
id5-sync.com/g/v2/ Frame 7FE9 		276 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
02deb7374bfeb6223c1a1c03c6c8cd1c5ca949fffa346a931043e70f7543d393
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://marsemfim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://marsemfim.com.br
date
Tue, 17 Oct 2023 01:11:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sync
gum.criteo.com/ Frame C169 		60 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
271269
expires
60
usync.html
eus.rubiconproject.com/ Frame 8BB8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 01:11:36 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 17 Oct 2023 01:11:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D2D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3405066968755238000V10%26type%3Dpba%26refUrl%3D%26vid%3D75050961613405066968755238000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66205
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 17 Oct 2023 01:11:36 GMT
expires
Tue, 17 Oct 2023 19:35:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame C169 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3405066968755238000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:36 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 17 Oct 2023 01:11:36 GMT
cm
us-u.openx.net/w/1.0/ Frame C169 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3405066968755238000V10%26type%3Dopx%26refUrl%3D%26vid%3D75050961613405066968755238000V10%26ovsid%3D
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cksync
cs.media.net/ Frame C169
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQwNTA2Njk2ODc1NTIzODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEZzOWXdfRDRFHyxJvCGVjI&google_cver=1
52 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEZzOWXdfRDRFHyxJvCGVjI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
2.18.160.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 01:11:37 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
52
x-mnet-hl2
E
Expires
Tue, 17 Oct 2023 01:11:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEZzOWXdfRDRFHyxJvCGVjI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C169 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
935630
expires
Tue, 17 Oct 2023 00:00:00 GMT
sync
x.bidswitch.net/ Frame C169 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.81.102 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:11:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame C169
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3405066968755238000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3405066968755238000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=10d13bf8-af35-417f-b2d7-fec3055a48d8&cs=1
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=10d13bf8-af35-417f-b2d7-fec3055a48d8&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=2034%2C2055%2C2099%2C2031%2C2030%2C175%2C157%2C2028%2C159%2C2069%2C459%2C97%2C99%2C77%2C56%2C2022%2C262%2C461%2C2039%2C4%2C10000%2C80%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 01:11:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Tue, 17 Oct 2023 01:11:36 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=10d13bf8-af35-417f-b2d7-fec3055a48d8&cs=1
Date
Tue, 17 Oct 2023 01:11:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 8BB8 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 01:11:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76353
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:09 GMT
khaos.json
token.rubiconproject.com/ Frame 8BB8 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
async_usersync
ib.adnxs.com/ Frame 8E0C 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:37 GMT
an-x-request-uuid
d44d345b-5133-4ac8-af75-9798a87b6a8a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1D7ZB23JEM&gtm=45je3ab0&_p=1546167546&cid=167769579.1697505090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&_s=3&sid=1697505089&sct=1&seg=0&dl=https%3A%2F%2Fmarsemfim.com.br%2F&dt=Mar%20Sem%20Fim%20-%20Especialidade%20no%20mar%20e%20na%20zona%20costeira%20brasileira&en=ad_impression&ep.query_id=CJKA6Z_z-4EDFXaO_QcdKo0LiA&_et=2208
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1D7ZB23JEM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marsemfim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 01:11:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marsemfim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| NREUM object| webpackChunk:NRBA-1.244.0.PROD object| newrelic object| dataLayerParceirosEstadao object| dataLayer undefined| $ function| jQuery function| LazyLoad object| WebFontConfig object| WebFont function| loadCSS object| google_tag_manager object| google_tag_data function| gtag string| GoogleAnalyticsObject function| ga object| tdwGlobal function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n boolean| tds_video_playlists string| td_ad_background_click_link string| td_ad_background_click_target object| _N2 object| adsbygoogle object| block_td_uid_7_652dc0a978aff object| block_td_uid_11_652dc0a97cf66 object| block_td_uid_13_652dc0a980fdb object| block_td_uid_16_652dc0a9855a7 object| block_td_uid_21_652dc0a987ec5 object| block_td_uid_23_652dc0a989c2e object| block_td_uid_25_652dc0a98ad42 object| wpcf7 object| moove_frontend_gdpr_scripts string| gdpr_consent__strict string| gdpr_consent__thirdparty string| gdpr_consent__advanced string| gdpr_consent__cookies object| modal string| cor undefined| scripts undefined| ts string| url object| parametros_array object| qs_array object| valores string| type string| bgcolor string| text_color string| logo_color string| assine_color string| assine_color_hover string| logo_color_img string| stl string| h string| final_html object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n boolean| n2Slow function| NextendThrottle function| NextendDeBounce object| n2const object| swv function| $f object| addComment function| postscribe function| gdpr_lightbox object| google_tag_manager_external function| fbq function| _fbq object| a2a_config object| googletag function| onYouTubeIframeAPIReady number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| gaGlobal object| gaplugins object| gaData object| n2ss object| SWG_BASIC object| a2a function| a2a_init object| n2-ss-9 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter object| reviveAsync function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| CleverCore boolean| CleverCoreLoaded object| google_image_requests object| GoogleGcLKhOms object| aniplayerPos function| avPlayer object| storageAni object| freewheelssp_cache

26 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: F5NYKdGCvvsB_NTu7HaCx79B2IfA1dN2j6sfb83BR4g-1697505089-0-ATl3G1+04fhG/33SWnn1lWJaAlq+2IP8T44yrFZcMp2kup5SvamK40/CprP8SfswfQk5iFutJehypMWLMuwWA4U=
.marsemfim.com.br/ Name: _ga
Value: GA1.3.167769579.1697505090
.marsemfim.com.br/ Name: _gid
Value: GA1.3.2025122209.1697505090
.marsemfim.com.br/ Name: _gat_gtag_UA_37604055_1
Value: 1
.marsemfim.com.br/ Name: _fbp
Value: fb.2.1697505090374.1506107887
adserver.latinon.com/ Name: OAGEO
Value: 2%7CDE%7CEU%7C1%7C%7C%7C51.4444%7C7.0114%7C200%7CEurope%2FBerlin%7C%7CNW%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.marsemfim.com.br/ Name: __gads
Value: ID=254b26d1023be110:T=1697505091:RT=1697505091:S=ALNI_MaYqgvFNIHN1LMBrH7E_V7R-Qp7tA
.marsemfim.com.br/ Name: __gpi
Value: UID=00000c9a432d746c:T=1697505091:RT=1697505091:S=ALNI_MaOPmMAv_IQtIej60q2q88__DVMYw
.doubleclick.net/ Name: IDE
Value: AHWqTUlesTrBGn2tqndVadkAbGMQkdOA7-L0C92_MkETxe__IeWhqHhG8hQRJCC5VjI
.marsemfim.com.br/ Name: _ga_1D7ZB23JEM
Value: GS1.1.1697505089.1.0.1697505092.57.0.0
.google.com/ Name: NID
Value: 511=juvrlZb48WZAoaKLbStne-mOZfWgSLW9dVmkzVlCJ1X8BfpjXOGQhXLgfSerEdqC_HGodqC4l3OlZoeh-8CDPXlgNGU7GGlTt-G9awCyxKF3eaYGEKpv-Lupu01K0JzsFCYZdkfVOEKnr44ltsIIJ2gbp3myTH4idnqw52XlNww
adserver.latinon.com/ Name: OAID
Value: 01000111010001000101000001010010
.aniview.com/ Name: aniC
Value: 1697505093713-980755215479-001762-012-005477
.ads.stickyadstv.com/ Name: UID
Value: a38827addb45194f918290a774a071
marsemfim.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.marsemfim.com.br/ Name: _pubcid
Value: 1478693e-6b48-4d15-b0c4-041c0272f3ca
.ads.pubmatic.com/ Name: KCCH
Value: YES
.ads.stickyadstv.com/ Name: pxId
Value: 9233
.rubiconproject.com/ Name: khaos
Value: LNTMPDJT-P-8P23
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0zK5e1zHwk3h1/cSNunm9WT6ft0alEFcs1rIzrSsa0bJxiiSqvehahRgS7Lod3574mGweUluV0NzS5CBhBbXiiIo8tEQuGXfEYuY/fSI0kfg==
.adnxs.com/ Name: icu
Value: ChgIoNZ3EAoYASABKAEwxr63qQY4AUABSAEQxr63qQYYAA..
.adnxs.com/ Name: uuid2
Value: 4951655091092276085
.aniview.com/ Name: 1_C_9
Value: 36b859d438f59e4bd6fdfb87dc88277
sync.aniview.com/ Name: 1_C_9
Value: 36b859d438f59e4bd6fdfb87dc88277
.aniview.com/ Name: 1_C_105
Value:
sync.aniview.com/ Name: 1_C_105
Value:

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
deprecation warning URL: https://marsemfim.com.br/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
acdn.adnxs.com
ads.pubmatic.com
ads.stickyadstv.com
adserver.latinon.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
bam.nr-data.net
c21lg-d.media.net
call.cleverwebserver.com
cdn.onesignal.com
cm.g.doubleclick.net
colossusssp.com
connect.facebook.net
contextual.media.net
cs.media.net
dis.criteo.com
dkae4asr0dphj.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
img.onesignal.com
js-agent.newrelic.com
lb.eu-1-id5-sync.com
marsemfim.com.br
match.adsrvr.org
match.prod.bidr.io
news.google.com
onesignal.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
rtb.mfadsrvr.com
scripts.cleverwebserver.com
secure-assets.rubiconproject.com
static.addtoany.com
statics.estadao.com.br
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.colossusssp.com
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
ui.cleverwebserver.com
ups.analytics.yahoo.com
us-u.openx.net
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zem.outbrainimg.com
104.122.39.115
104.18.214.59
104.18.215.59
104.22.5.69
104.22.70.197
13.224.194.64
141.95.98.64
142.250.13.157
142.250.184.194
142.250.184.226
142.250.185.162
142.250.185.206
142.250.185.98
142.250.186.100
142.250.186.163
142.250.186.174
142.250.186.46
142.250.186.98
145.40.97.66
146.75.118.132
151.101.130.137
157.240.0.35
157.240.0.6
162.19.138.118
162.247.243.29
172.217.16.195
172.217.18.1
172.217.18.8
172.240.155.116
172.240.219.212
172.64.145.156
172.67.128.94
178.250.1.11
178.250.1.9
18.156.30.67
184.30.16.183
184.30.17.67
184.30.22.30
184.86.251.89
185.64.190.78
2.18.160.23
213.227.153.225
216.239.38.181
216.52.2.91
216.58.212.138
23.212.88.20
23.32.184.192
23.53.234.15
3.122.23.32
3.123.45.150
3.124.81.102
3.215.243.137
3.33.220.150
3.69.181.164
3.71.149.231
34.120.133.55
34.120.63.153
34.236.131.197
34.98.64.218
37.252.172.123
46.228.174.117
51.38.120.206
52.49.222.43
54.228.148.187
64.227.27.145
69.16.175.10
69.173.144.137
69.173.144.165
95.101.111.163
95.101.148.20
96.46.186.182
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
02deb7374bfeb6223c1a1c03c6c8cd1c5ca949fffa346a931043e70f7543d393
03ea87f77569f6466de8bf1ce7083267de7d09ad578284eb3f7ded0d8447fc1c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
042cb3f8992be02a2654d8e605c8736f83a54a22e837355891ae4f188630e25f
0514c2b8c207440f57e0cd915b1dbe6a0c565636eec514a8060564d6f78e894e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cc38df7ab0b6c4b69f93c31ffdf353ac5e82f32348bb7d04bb285eeddbba55b
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
129737ce69996a252f10fd1977d7557778285b37e584aef8ffede5129f6c4265
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
1cc0cba3fb21b5b98e5cd32c04c232b6281764b4afa41544e9057398287e6736
1cd883610608b1fdbe8e8ea6dc16fd5d05773c3570ae5ab86c8f0beb1ed2d272
1df2129fce343469a4af2e08a9b4d20f04f777afdaf864a281704354cbd1880e
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
20b73d4b3f65ddbefd889802ab787c8da68d88f8eaebf66cebf15f94657c7f17
212e1a19e68aff906fe6d6005a59b8d0f8c07d5aece3a2db61413681ea56cb3d
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a9f985749eaa70e636fc6937a107f30000334e4b1787327c0c2582874e34fe
28b5161f14d2187bf7d5d3adc60774105e9375e77001fcc81e6d284ed44d93ac
29af9754501905e928b4f480e003d1414026f6fbb88b10d126c89b01553adb19
2d47eb7855ab1ec2488e616614c88ebb25fb78678a4ded5456404c68ee77a217
2e736aa5278761ff11925b6072d2b0e61d4d731df2c9693698407bc5bb7a8125
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2fdc0177eed51eb10b828c2d022c0d431cf1ea30d59568a2d2a0a9423c19ddda
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319c6305d4d30901d71afb07121e3d0508395676d19e467aa07b8d7847f01e83
383ffc5de4f86af780fda9593c7729a5418defab76e749be89fc92d3e8aad2dc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c787b69eb9114af80f57ed99c77ce2ea7b4675a8a65a3470bdc193b7b6513f6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fb94f220d766d53fafd840b88adac2820a64e4c5991751ff7339ed0c6dbc0fe
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
4882ed2fcca7bd63d4885c3fe51f8959aafbda2e0e8763393bd395f88e7d4a32
4c8b4338151a09bd454dc78f4d9ae117e164ce8ac44f18311db1d2c8c7183b1a
4d7ad1bd25e1fd955f01bea8161dcf628b4e1829dc6f28835ee87c42fd2344e6
4dd3f4aec161b9a8e98bc3b6ef5494dcb290b72271ddc0a59f27a605e2ee627d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8a31de114b9ef4a52edc00f41ba9b1bbc4c6c24b8a334c9717da6eba643c05
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869
52917fabf61dbd5a4b2389cf617d19d588d05071d2b0273b3c18047444d85f01
534936de46764fb905f6a2b088562e2f203d1e310621639d249778be69a3d3c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3ade0ca341e6c0e20ec446d96df592739252ea1f2acfeb8dbd326e5a2bac4
54b8fb82a84ba43f8fdac7cefaf50ad70220ab75b6c422b7bfe38d4248af332e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5621692c35b842f7e9452c32cd03f265ff5986bfd8cc703092a706e1665a0512
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
56dd5c42770c0eab9db9b62478a94c3d90256950033134c9cf5f1ffb69a3a94b
57628b3d7540c6567e7107d7f98c78a64d2e57e4b50c6dd472e3a29e77dd2966
58286370a7eba4b7f9bdf21ab2ca0fe01e0cdf5d4753b9da362644d4883e4960
58a9f288fac2463d7f1dead1df14e316a865ec32bc23a52657e670e2f228c40d
58ebdaf8bd96385ec4fe1f2e349367a3a205f2a5b733b1e89262907b465e6392
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5c49dba84c1cbff67508623a16507105bde5be084f2beabcc276b03c4555968e
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cc3337e08f7568d8af3a8dba5afd63320bcab263f3463a06687300a5468b886
5e8fbd2f6aa9caf116845100b5a77aee47bb2a81dc994198f892c81cebb9169a
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
64756c19bee5e8d01058b314e7d783f74489b1c667f8db67010d05cca73a8bce
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
682a23c252a8f44406c8e1a862528899c72cd527bca828ffe7c6de1aed6cf3fd
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6888c9dfe6d24f38fd79723f81c0248eae46135dacc85df53e2762687d0463f3
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6a230ae30eb7898d2bbecf15e24e90b90505ee5aeb10608931318109daadc75e
6bc86f571eb48f23eef13e3f877b4702a8604c3e01ff5958bcdc640aeb8d3445
6ea5ae57fcaf52330c9dcb99b88d748bc9872420147baf03a6ecd25112ec65a4
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6fb0a61f7802f52b94ef88eb2d820d81cbfee399eb2919e404cee9d8a4cb3986
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
71f79f37d4e8b859666befd78e5632083f4082be479791f697c1bcb743930daa
735c1d40c4ea92154a047f710a151e7e814814072c4b17ab4ee8dfb8aa5715b1
758efa04a02527281686d63258ae07733b3cfd4322aca06f9636ec8c128ecadf
7605e6ca7af5926f1ee83835fa30f98a8aebb8136ebcd0238c800422414990e5
77001d7b5ef434693823d204124f7ad32c152e491618da32a908a01c5c75d137
77db55a948b5b61aca1f9b49e4968416973e4042e938ef6e11151cd4ad547063
785258bc44825158fc68a4231a5699e2af31dec04df63ae470ab88a95dd0b5f7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79cc13080973e3d26fd6af987bad4e93112844119776437b58339b80c5fac53a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7ea980a2aa4fd3ca3284018a3be89c029000b7809af97421c0d24c2c1c682541
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77
80dc64a254aaae62fb31563d40ddf7c06d83abed1c7e404e4c9fcc843502950c
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aecfc34c0e1f64eb4a7c572d4be4208379acdf9671cb2ff267ac9a3878cd60
85d84abda820321f99ba661428ae4bcda2d6b8390808cc83c98111134bb972d7
8942f72ed4776fb8151af290059d2f828e4f70e4c9a73cbb96bbd67cc4c1be71
8c1346314bcf1f9d3fa2e8d99ad9e82dbd8960f9779fc52fa2af13601e0c65f1
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fcacb6ea7c171d52fde83c99e81b210ce20ef14574dd345a7275fabfb6593db
907c21b6a860bba1f51b1a7895a50e8aee72c8ae2e5fa14be1b2ad738bcd2ee7
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
950c188cdfb7a89829b3eb13b4487c39ffec62c9def11e46fc5e81074b80c6db
96824fd49019510925d53dfe028729514652acc1b2738a8992df481a078b42ee
96846fb895748b870e5f744b328ae2f611a996fe04e023547f5534121c41d86f
986238d8726c909875bb31386b751192574e0575addd074300485653c883685f
9a7feda4440f974f77d94ba29bed6f82e3dfdbbbae1b3b473d95dc860788b9b7
9aad781b215e15673168bebd0bd12139c20e5e814f28160f7dafc8af5fd682f3
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9e213036e055bb91497be04fff5b310817a7cce448b4fd12eca7c2452230969c
a034ed55e9341043adfee46b50afad8f6a1fd0db8f2e5e985541fadc7ba75a83
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a21ab9f7128bcfce86782cd40915b97e202856bb9753b69cbfe33f91fecccc8a
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a4e74053b2033e928ee8b420aa93bd75b3dbcf9a5d043988f5c106b82f59a490
a8c447f85fe213498060d0cce8ed61bf5af2f371c056434d13e39fc126de940d
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac2f50870e00e797981885b7012cb5d5536efc0250fca1e967f7cf15f53d7b3c
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
ae5ba14d979ec19650dea709df0da20f78bb81f757d7b967d85cd70439ddabe7
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca
b503aad545c10a6bda30eb3fee3b081777ca6bf3ce0c501d75ca844f72cbc37d
b594de64cb38e1dead7fbde0ecaec3cc5e86fcffe980a31a277a2882fd244d96
b613ff6730d44328892e546366587fee5c50cab1b9de4e9638f86dcb0ad35127
b67f1c3997a49fabf9cc1b4fd0069a30c814ecee63a6a0b4545ad4b5345052cb
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
baa2193c1ef0932132b736b0f9478dafcf9304f63fa0bd6106bd57013d3a478a
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c4ec095bea4ca3fa099f5f4c17ae50c2266a57a975447c9061a6ef9eaedc90c2
c790cca988aa90049a7b9c6481eed1b8f0f4f94bc266619d1c5dbdf1e7a74a76
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca86b49bb4e23770e711f22e49c86dda895840f6a0ddff81adf511d88b7b35e9
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf562686da9f727152e16d29aef848a790f2fc64a76c8a9a818750b2b691a65a
d2baa1f8be2fe314dc00167542278087b0c8bec653f9626c2a5e016e6be581b7
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
d7da96b050b36f6e29ec3b7df6dc2e1b7ee1a44d357c84e7acfa7e9c931fa333
d9629282170f890df83afeeab58201910d8ab4693654ba99b3fc95f2d9e8a7f3
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db2b39edbfdb1ecf1dfc437b38508e4c88f0be979f655976c090639be9ea20e5
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc2adaf689e264e05d33c0e4606fb607a28432c04331c33c3fb87c00b8fd55e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd1bb6662672d9ae911c76f04de264a549983480201e5ab11f6282a60a429e7
dfe0e2665be7c94ca46528decce19ab9bd99bbb374e75f0b967dfb50de578c24
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e505675e74a2562460c2ce86929d6b656d70dd562234f83c3e511a59df5c95e5
e58836a14c7921e4c2d2813e716d6c1b2ade01a39ffccbdb47a68d4ff565ca2b
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
ea0fa806e0406db8c007bc057500bfc2c320d17b578df9d44a2d56292586b68f
eba3d5ac6ae0edfcbee550a3c0be2a1847e9255217659554790433d4ac4d5e99
ec8b1b8fc1a6faef11240bf579a82269fad546aa98662ff239a6c19a4bdbdc70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3e6c5a15526ca775b8f23e7d7da28c81a443851690dfc6edbe6df49089d27
f17722f8f0529a89584ad34234594c7cd7584a07abd45f38a706eccae2fe9c42
f49e73dccd269481ecf3b33b04e7f5e0767b2d59e581489b0aa19a1ba8255bf6
f59abd7465722f4e3f8f012dc5817b7b634173a2d72be29d8b5da628b573ea3c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7a9865af6009c8983d4f7ad7faefa67993f91ae872b20dcada17b61c19beda4
f94b7756c96411b34b90cedcd0234fb84c06127006b9af456d7633705ba8513b
faf6dbe465a4d62df2472ca6a0069afb413923aea09c4f2dc85093b62dbcd794
fb0d2599e5748beb5076038dfed7583534a44542afbcca7b81b6f1c95ca7a1e2
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969