observatoriodeourofino.com.br Open in urlscan Pro
2606:4700:3034::ac43:93cd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Submission: On June 05 via api (June 5th 2021, 9:34:47 am UTC) from IL

Summary HTTP 145 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 31 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3034::ac43:93cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is observatoriodeourofino.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time observatoriodeourofino.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3034::ac43:93cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:4000:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2804:564::1158 2804:564::1158	20044 (S/A ESTAD...) (S/A ESTADO DE MINAS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218e:bc00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 1	2804:564::2003 2804:564::2003	20044 (S/A ESTAD...) (S/A ESTADO DE MINAS)
1	2804:564::1183 2804:564::1183	20044 (S/A ESTAD...) (S/A ESTADO DE MINAS)
2	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:c003:a766:aff9:a170	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	52.222.149.50 52.222.149.50	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	52.209.181.46 52.209.181.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
145	43

24 2606:4700:3034::ac43:93cd (United States)

ASN13335 (CLOUDFLARENET, US)

observatoriodeourofino.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:4000:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2804:564::1158 (Brazil) 1 redirects

ASN20044 (S/A ESTADO DE MINAS, BR)

barra.uai.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs2.uai.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:bc00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:564::2003 (Brazil) 1 redirects

ASN20044 (S/A ESTADO DE MINAS, BR)

logo.uai.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:564::1183 (Brazil)

ASN20044 (S/A ESTADO DE MINAS, BR)

www.em.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:c003:a766:aff9:a170 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.149.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-50.cdg52.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.181.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-181-46.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	observatoriodeourofino.com.br observatoriodeourofino.com.br	1 MB
20	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	138 KB
15	googlesyndication.com pagead2.googlesyndication.com 1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com tpc.googlesyndication.com	226 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	384 KB
11	gstatic.com fonts.gstatic.com	196 KB
8	cdninstagram.com scontent-frt3-2.cdninstagram.com scontent-frx5-1.cdninstagram.com scontent-frt3-1.cdninstagram.com	1 MB
6	google.com adservice.google.com www.google.com	941 B
6	google-analytics.com www.google-analytics.com	38 KB
5	uai.com.br 2 redirects barra.uai.com.br imgs2.uai.com.br logo.uai.com.br	11 KB
4	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
4	webgains.com track.webgains.com diapi.webgains.com	98 KB
4	googletagservices.com www.googletagservices.com	123 KB
4	googletagmanager.com www.googletagmanager.com	141 KB
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net
3	google.de adservice.google.de	409 B
2	m-t.io w-it.m-t.io	279 B
2	awin1.com www.awin1.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	761 B
2	jsuol.com.br tm.jsuol.com.br	16 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	336 B
1	innovid.com ag.innovid.com	295 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	quantserve.com cms.quantserve.com	463 B
1	em.com.br www.em.com.br
1	googleadservices.com partner.googleadservices.com	419 B
1	instagram.com graph.instagram.com	6 KB
1	facebook.com www.facebook.com
1	uol.com.br tm.uol.com.br	688 B
1	taboola.com c2.taboola.com	17 KB
145	31

	Domain	Requested by
24	observatoriodeourofino.com.br	observatoriodeourofino.com.br
11	fonts.gstatic.com	fonts.googleapis.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com observatoriodeourofino.com.br
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	observatoriodeourofino.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com observatoriodeourofino.com.br barra.uai.com.br
5	cm.g.doubleclick.net	googleads.g.doubleclick.net observatoriodeourofino.com.br
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
4	scontent-frt3-1.cdninstagram.com	observatoriodeourofino.com.br
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net observatoriodeourofino.com.br
4	www.googletagservices.com	barra.uai.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
4	www.googletagmanager.com	observatoriodeourofino.com.br www.googletagmanager.com
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	www.google.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	barra.uai.com.br	observatoriodeourofino.com.br
2	w-it.m-t.io	analytics-wg.webgains.io
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	scontent-frx5-1.cdninstagram.com	observatoriodeourofino.com.br
2	scontent-frt3-2.cdninstagram.com	observatoriodeourofino.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	tm.jsuol.com.br	observatoriodeourofino.com.br tm.uol.com.br
2	fonts.googleapis.com	observatoriodeourofino.com.br
1	analytics-wg.webgains.io	analytics.webgains.io
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	ad4mat.net	ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	observatoriodeourofino.com.br
1	www.em.com.br	observatoriodeourofino.com.br
1	logo.uai.com.br	1 redirects
1	imgs2.uai.com.br	1 redirects
1	1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	graph.instagram.com	observatoriodeourofino.com.br
1	www.facebook.com	observatoriodeourofino.com.br
1	tm.uol.com.br	tm.jsuol.com.br
1	c2.taboola.com	observatoriodeourofino.com.br
145	48

This site contains links to these domains. Also see Links.

Domain
www.em.com.br
www.mg.superesportes.com.br
www.uai.com.br
estadodeminas.vrum.com.br
estadodeminas.lugarcerto.com.br
www.alterosa.com.br
parceiros.uai.com.br
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.ongalquimia.org.br
instagram.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
uai.com.br R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.graph.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-05-19` - `2021-08-17`	3 months	crt.sh
em.com.br R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-05-13` - `2021-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Frame ID: 1D4A58AC158CA0FF8F07CD023CC503E6
Requests: 83 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 3901233CC37AE0C7540071A75C9A6FC2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://observatoriodeourofino.com.br/noticia/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: F741E9351F1A8F00FB75C99B53B85B98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: C5C7FC37D8C48D094AD32AD79AA5ED4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2888604272&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661697&bpp=16&bdt=982&idt=85&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=470757426386&frm=20&pv=2&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WviPLieqBQ&p=https%3A//observatoriodeourofino.com.br&dtd=100
Frame ID: 3C407035AD048932FADA20E188A4AE8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2657115604&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661713&bpp=1&bdt=998&idt=98&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=w6iXg0fYym&p=https%3A//observatoriodeourofino.com.br&dtd=103
Frame ID: 83E1D4F0D8B6D7D25ABCDB7C46EBF8EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=1543753041&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661738&bpp=5&bdt=1024&idt=116&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CBANDwRSfI&p=https%3A//observatoriodeourofino.com.br&dtd=119
Frame ID: 81C110831F3AA89330F3AB140DC5E803
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=271434022&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661756&bpp=1&bdt=1041&idt=133&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=1725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0MDuKvA5t5&p=https%3A//observatoriodeourofino.com.br&dtd=136
Frame ID: D24FDEB39EE98322E3F204AA5624389B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=90&slotname=3868408121&adk=634728373&adf=643048507&pi=t.ma~as.3868408121&w=728&lmt=1622885661&psa=0&format=728x90&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661766&bpp=1&bdt=1051&idt=171&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=VxVltdnnYi&p=https%3A//observatoriodeourofino.com.br&dtd=174
Frame ID: D93095135B8BB3D5E24B91C8418E2CFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&adk=1812271804&adf=3025194257&lmt=1622885661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661986&bpp=1&bdt=1271&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90&nras=1&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=5
Frame ID: D2F18E085A003E16773EB3EC57769071
Requests: 1 HTTP requests in this frame

Frame: https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Frame ID: 32D6D4A2475B2395D022B4E528B8A999
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12
Frame ID: E21CCBBEF4287E88F143E8A7F6E632C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKbE7Zn5zZbuojIr_PBpRKElszOPZ7pl7HY2mQ-5PeCHJryygtkqJTb9zqY_ML0Wcxbk520pVw9Jpjj31JGKEN87R5derTAcbft5ldIHmH_YYkRMU5HgW3Y796zfZwLQ2B9z_uMX65rXCb4eLLA1ve6wdSCMSE6QVylnVv8XWBxPEVBBxS_dCvwJQm6uxtU5JcDNN8lqucICjm8F5cxX118I0uaZUxO7VLWHkx3syDfdajAhuosVCyLFgQymS68k_afsoy46hViL0mZUKFPpqOsDYYx8v5fZgNR5W5XruqNldCHQy4FJ12YWceCXhYJiEFqPAKM0qh&sai=AMfl-YTd0angW8Q2UaF03DqFLrJSIbcd0pJK3h3gSTPzIMfiNiS_giSgfqql9bt8h81avpXEyd2Kvk4xJbgfXbYKAgHV4CZJKnXnZzSqNdE7iTtXj8NkdSMSdlhmX2S308s&sig=Cg0ArKJSzIuoMSLuM9XbEAE&adurl=
Frame ID: 3F1A40A1CFEF753E18D79EF33681F02C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CO0XlHkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEiwJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw8ezE63eqiJP-yd_2UbyBB-3DaABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02OTE1NjA5NTQxNjgxMDI2&sigh=Ug6nuW6itr0
Frame ID: 644698A3082A2DD9B7328500BB33C100
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
Frame ID: 0CA00CC4BA678788BA66C1258B5E19F8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D60BE208B906558FE70D5A26F4C0F13
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7FC3A69757B27181319394FE41E76260
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: BC02FE5F51325EAEEB7598CE2AB24D69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 91D9B6CAED17ADA35B28D0A003572B4F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC36D2502131258482C5504D21887F67
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Frame ID: E749346862634BA07725D4E15F41A102
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

145
Requests

99 %
HTTPS

74 %
IPv6

31
Domains

48
Subdomains

43
IPs

7
Countries

3796 kB
Transfer

7073 kB
Size

7
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.em.com.br/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://www.mg.superesportes.com.br/
Title: Esporte

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/entretenimento/
Title: Entretenimento

Search URL Search Domain Scan URL

URL: https://estadodeminas.vrum.com.br/
Title: Veículos

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://estadodeminas.lugarcerto.com.br/
Title: Imóveis

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/saude/
Title: Saúde Plena

Search URL Search Domain Scan URL

URL: https://www.alterosa.com.br/
Title: TV Alterosa

Search URL Search Domain Scan URL

URL: https://parceiros.uai.com.br/
Title: Parceiros

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fobservatoriodeourofino.com.br%2Fnoticia%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sicoob+Credivass+promove+o+Dia+de+Cooperar+em+Ouro+Fino&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2Fnoticia%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&via=Observat%C3%B3rio+de+Ouro+Fino
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://observatoriodeourofino.com.br/noticia/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Title: Google+

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://observatoriodeourofino.com.br/noticia/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/&media=https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2019/06/sicoob-e1561735316324.jpg&description=Sicoob+Credivass+promove+o+Dia+de+Cooperar+em+Ouro+Fino
Title: Pinterest

Search URL Search Domain Scan URL

URL: http://www.ongalquimia.org.br/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ObservatoriodeOuroFino
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/observatoriodeourofino
Title: Siga

Search URL Search Domain Scan URL

URL: https://twitter.com/observatorioof
Title: Siga

Search URL Search Domain Scan URL

URL: https://www.instagram.com/observatoriodeourofino
Title: @observatoriodeourofino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPtu-mftkCZ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPqWc_ptJIM/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPbltCUtx31/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPWfATANQv6/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPUQMFCtk2O/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPJEl-Wt1rf/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPG-98ztlqY/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CPEhSToNAa9/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg HTTP 302
https://logo.uai.com.br/uai.jpg HTTP 301
https://www.em.com.br/assine/

Request Chain 108

https://rtb.openx.net/sync/dds?google_gid=CAESEPCKl4Ltzuvv0aW0814TGCc&google_cver=1&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPCKl4Ltzuvv0aW0814TGCc&google_cver=1&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&google_hm=Bbwoe-0ZxOo2W9kKhYMveA==

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGDnEKBO8OdmzHbhffM8WPU&google_cver=1&google_push=AQvitUKZ_kTVOsh-YTSLupcllDve5YTT4xpYJZVs2oQnOkN-p7kqcvya-GOULKGAuW6dZAwDrD72YLTjJvGlQgMsMJnNTzUk7O4h HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGDnEKBO8OdmzHbhffM8WPU&google_cver=1&google_push=AQvitUKZ_kTVOsh-YTSLupcllDve5YTT4xpYJZVs2oQnOkN-p7kqcvya-GOULKGAuW6dZAwDrD72YLTjJvGlQgMsMJnNTzUk7O4h&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtfHWmVgTxaGG1JfD1tBJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKZ_kTVOsh-YTSLupcllDve5YTT4xpYJZVs2oQnOkN-p7kqcvya-GOULKGAuW6dZAwDrD72YLTjJvGlQgMsMJnNTzUk7O4h

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEY6Dyyjf2GXvcGkXfhlGXQ&google_cver=1&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMmHHG_m4a4U-K00FD1djpCU3KIX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BKSzdaT08tMVotQVRJMQ==&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMmHHG_m4a4U-K00FD1djpCU3KIX

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4

Request Chain 113

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBThh-eWedlRX4wTtY_uAZY&google_cver=1&google_push=AQvitUJ8IxteBu378Xk20rQh3ff7vWQgDGNzJgv6n-ywbtrm-70aFr-Bs0YcpRo8dYOJsDRbgl6TunvhrRm9w8GNK0YDr2RhBCN_Fg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ8IxteBu378Xk20rQh3ff7vWQgDGNzJgv6n-ywbtrm-70aFr-Bs0YcpRo8dYOJsDRbgl6TunvhrRm9w8GNK0YDr2RhBCN_Fg&google_hm=

145 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/ 133 KB
22 KB 306ms
238ms Document
text/html 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdbfa9696f1a806b4ad1b377a51b6b0db3083de070122c0d091603b42c871619

Request headers

:method: GET
:authority: observatoriodeourofino.com.br
:scheme: https
:path: /2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=900
link: <https://observatoriodeourofino.com.br/wp-json/>; rel="https://api.w.org/" <https://observatoriodeourofino.com.br/wp-json/wp/v2/posts/8384>; rel="alternate"; type="application/json" <https://observatoriodeourofino.com.br/?p=8384>; rel=shortlink
vary: Accept-Encoding
age: 863
x-cache: HIT
cf-cache-status: DYNAMIC
cf-request-id: 0a7d1f0f3a000005ccb09da000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BbL9gAfXU3knPcwxSI0Q0uWM%2FswyqqCGkQ3pIgYE%2F1lPusy4kvuuvnlavWTie339r9hav8bZ6nGUBmaxl8eAlMwRaL7zCXEzbEFQc3L19aLkiA2PiIJ8nMh0naXcmD1tg5LEvejU9HttkzU8EYi4QEz2tJsRjko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65a86791f9f605cc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 33ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d90a83b1d7e68a4f251f36829efca6a9e973a2747fc8ecb8a60586364ca7d85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35938
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 style.min.css
observatoriodeourofino.com.br/wordpress/wp-includes/css/dist/block-library/ 57 KB
8 KB 71ms
54ms Stylesheet
text/css 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wordpress/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 399342
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104500001f4d24377000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1Y7xZd5uz3Un3Z%2BtN6nomq24ak%2FdUKxoWIJQ4b%2BGMEkxWcGWbw7Zyne%2Bf3Eu3SNGOHLEt1SL2NRfdFHNf0NYuA2yPA5PlMBotOD4l79NwWTgTQ2pAZ7zGcD13k6fhelfw8k9ecrrEk1KQGKg54jurHidudFT1CM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 65a867939bad1f4d-FRA

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 35ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.5

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a03feec961c7966dd17a981aafaffa8bbb80bb15351a6c19402647afede1437e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 08:02:14 GMT
server: ESF
date: Sat, 05 Jun 2021 09:34:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 js_composer.min.css
observatoriodeourofino.com.br/wordpress/wp-content/plugins/js_composer/assets/css/ 473 KB
40 KB 44ms
28ms Stylesheet
text/css 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a

Request headers

:path: /wordpress/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 46634
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104100001f4de0094000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HTnLukran1Y4KLYdSNclVuOIgJOnbwdUJ5RmdwVL8ceLvpYLa2gNUcvhHbSYdKY1%2FG5AbHxL%2FSagiF8coEnPMCtiLpXSCmig9ZwBKAPKNZLrJR32%2B7msAIwT8ZiGSlcYlChUN4NnkP%2F1TjLBPBDfNf%2Boc99QKkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 65a867939bac1f4d-FRA

GET
H3-29 200 style.css
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/ 1 MB
114 KB 58ms
43ms Stylesheet
text/css 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff94f88943267560a1f702ad95e00452724b1b48b4fa6c4269311a1dc4aa0e6

Request headers

:path: /wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8522
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104000001f4de891a000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5MG2Zq4QiAL93%2BvsH6mA4Mr3X%2BPOMf3t1Fh4nGraYQEvPiJjyp4ZSl03%2F0INVmRfnpDoC4oNHJlcgYXKFOeLZDjX7u1q0gaPdJgtr6hDyf8aQ1bw16tJfK10jF2aFPjsInGUCSz9k1WEEcODPKx%2F04LRnG%2FaJDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 65a867939bab1f4d-FRA

GET
H3-29 200 style.css
observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/ 486 B
839 B 32ms
17ms Stylesheet
text/css 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/style.css?ver=9.5c
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b588f7a82dacda5a429eafc52b59872dc668ea6d51eab2ddf9c36804676184

Request headers

:path: /wordpress/wp-content/themes/newspaper-child/style.css?ver=9.5c
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8522
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104000001f4d4d35c000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9FhIlhgXIV2NK11I2Nqhc%2FzyKieCUeOWuJWpz99CiAIya0cyVP%2FfMk7qkdzl6p3asH%2Biq6L20mcNf0VetmL5vPYbaisYaSfmTwTb3GXGWXEE9VG5HHH9XGMzJikWtXkSfFVEQxxQkLapDnYsIfLkuQ9jDuVnMsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 65a867939ba91f4d-FRA

GET
H3-29 200 frontend-gtag.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 29ms
14ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d

Request headers

:path: /wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 20921
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104000001f4d070aa000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zvnfb7FFv5aYLfgGITkHcnG6JsqnR%2BgJ%2BDE%2FZdK1wnVZjt8ebXuAHwRIuyOhmC7%2BEBwlhLdYmRlULlR3sAJfGXN4pZd5P%2FEn39ma12Or8JHNI%2FYQn76%2Bf5MvN5Nz6sgBG1Xro1vhLcTXl6qQAip3nezTasSAZBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a867939ba81f4d-FRA

GET
H3-29 200 jquery.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/ 87 KB
30 KB 50ms
36ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 399342
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f104100001f4d24376000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xd3RDhTnwoSzbY8znHAoEPxGewt0e63YGIdt51FBoqJ8QXtjhrpkjLA2GNcQ0yLLGE2sZm7Cw337fbDC91SAg7ljmCS4%2FoDLNEAYGDOcVIlSXINstNL6lDijhxfx08M3iVfbMK3jnDA4PUXhQ%2BMcoeL3aWb1rEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a867939ba51f4d-FRA

GET
H3-29 200 jquery-migrate.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/ 11 KB
4 KB 29ms
15ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 381105
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f103e00001f4debb6c000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f%2BGGnyRR2KX%2Bs7%2FFyZ29hM75HFcJ1iXAUghrXB06%2B2uLZglsqHthJ9jaccN4AhludneAIWJUWi%2FgKpKidVZUOdt0DlYho%2F0gtXkAlKb%2ByXlWD14mpdh3mRq1cL9fExhKWxG0XbJ3w9cYXyytekfRnzYujmTBCvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a867939ba11f4d-FRA

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 63 KB
14 KB 450ms
205ms Script
application/javascript 2600:9000:214f:4000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=o4q8lu
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 83056cb62961fd9c47117752a89d173665d3ac485d75731388016cd40e60c71b

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 18:12:31 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: FRA53-C1
etag: 67d1398dc3fe21ba270855ee2ff5f543
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 14245
x-amz-cf-id: 3IpCQ0UBYoF5jRsuET1DxGgXy-UKDscAFAVjD1mYBqHc-UH_kMeqzg==
expires: Sat, 05 Jun 2021 10:34:21 GMT

GET
H3-29 200 MARCA-HORIZONTAL-AZUL-QUAD-PNG-1024x409.png
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/ 164 KB
164 KB 14ms
13ms Image
image/png 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/MARCA-HORIZONTAL-AZUL-QUAD-PNG-1024x409.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: affb24236f1fa3555421ee6d35f94086e4358f9b93cd428ba91ab6d4f5ea8a91

Request headers

:path: /wordpress/wp-content/uploads/2021/05/MARCA-HORIZONTAL-AZUL-QUAD-PNG-1024x409.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51840
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 167693
cf-request-id: 0a7d1f109c00001f4db42e5000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ms3sNycVej9SCYeSty0VUSvRPT93ny7S4iNfWqqtI9gZ9NmVmydBb%2FnXMkAiP%2BL%2FE8Je0DBrhj2JJQ9FXym11rq%2BZIj1fChvgNUAyotpyEo8sIeH1bYYXK%2BgBF8hiD068ichDhIQVlGUippKVM20KGFxjkAdNH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a867942cab1f4d-FRA

GET
H2 200 parceirouai.js Show response
barra.uai.com.br/ 4 KB
2 KB 846ms
201ms Script
application/javascript 2804:564::1158
S/A ESTADO DE MINAS

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/parceirouai.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:564::1158 , Brazil, ASN20044 (S/A ESTADO DE MINAS, BR),

Reverse DNS

Software

nginx /

Resource Hash

0117082955c19dd930456ec30c3c35a54e3f1eec129a82ce6721d8735b916731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: br
last-modified: Fri, 17 Jun 2016 17:47:06 GMT
server: nginx
etag: W/"58a88bd0-112d-5357cf1699a80"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
strict-transport-security: max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1377
date: Sat, 05 Jun 2021 09:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 05 Jun 2021 11:11:23 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 14 KB
5 KB 57ms
56ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 399342
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f109b00001f4d389b7000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iDGJl%2Fp8PvGjzVLNCVngOVgw0q9DBD2ltROJ5l%2BYln8BH6hqZMY%2FEJJTBBA6NvldPHclrbjbzojHAeu7nSUea8aK%2FJnbEYAWXBiHRf2c2JSNacRd0kOowwber99gfwm29vYUhZy5h7BaRwjY72JNElvnkD3mR6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a867942caf1f4d-FRA

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36182607-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

777576053281eca65214fffb72509206cf779c92555d749426d321fbab53f447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35932
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3637695-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cb773e92fea6f666cb6f16fadc555e0c61146c07f031aa075bbc15932da0772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
35 KB 53ms
51ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58MFNT

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

138ff99f8763b128006bd64f51a346fa87a142daa56fa335c7d45bca0ade2df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36145
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 newspaper.woff
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/ 50 KB
28 KB 50ms
50ms Font
application/font-woff 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e67dd84c92356342bf92a4ab1aeb65fbc5a4231165a475b74b8812af569164

Request headers

:path: /wordpress/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
pragma: no-cache
origin: https://observatoriodeourofino.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://observatoriodeourofino.com.br
Referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 172109
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f10a300001f4d2437e000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PEA%2B3bpqulMvpUW%2BnMGNg%2FCWgV07BC0vCJV%2BbkVnFzg%2FXrDc32qTL4Fl0GFPsgk0jQjKE3GRMsM%2ByJr14%2BKw71jbEhfXshVRkoPI5M6q%2BqHIHxfG9mJmMlgx%2BLdhRYe1GGdNkK9RQCHPgjqyEDZEog7IX%2ByoNnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=604800
cf-ray: 65a867943cc41f4d-FRA

GET
H3-29 200 newspaper-icons.woff
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/ 6 KB
4 KB 54ms
53ms Font
application/font-woff 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/newspaper-icons.woff?1
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wordpress/wp-content/themes/Newspaper/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://observatoriodeourofino.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://observatoriodeourofino.com.br
Referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8521
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f10a400001f4df1b69000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aIj44Xr0vpdo%2FC3WN0ow1fUH4NzP3KNpTz6IwAXKrvw0zZWjQDcoc4gF5MWVpmw%2B%2F2%2F1v8H7rq%2FRukGXwdQSb3mw2o7zmjo4Oqghbt%2B9wP9QsS1mHn3e51LCk48T4IgHxufmGbjEha3EXrR4fkVUYYcY3ZfBUUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=604800
cf-ray: 65a867943cc51f4d-FRA

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
age: 373649
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
expires: Wed, 01 Jun 2022 01:46:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:19:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 292482
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:19:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 349268
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:12 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 16:46:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 319670
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Wed, 01 Jun 2022 16:46:30 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 16:01:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 322359
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Wed, 01 Jun 2022 16:01:41 GMT

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 11:31:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 338543
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
expires: Wed, 01 Jun 2022 11:31:57 GMT

GET
H3-29 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:05:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:45 GMT
server: sffe
age: 300559
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:05:01 GMT

GET
H3-29 200 sicoob-e1561735316324-696x391.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2019/06/ 18 KB
18 KB 18ms
17ms Image
image/jpeg 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2019/06/sicoob-e1561735316324-696x391.jpg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b73b11ab09cc8910e73f890f574288d6173be8a6ee27833f47153b0ff0e63

Request headers

:path: /wordpress/wp-content/uploads/2019/06/sicoob-e1561735316324-696x391.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76196
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18283
cf-request-id: 0a7d1f111b00001f4dd727a000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cWB7e9DceN9B2TnOlhSmKmfrqt4%2BCkIcuNnCxaETtt3htLTFTEkaGKgCeTt04OmXcMn0V6CuUou1yTVPy2e%2Fn5KOplhQc5ILh0pBMEvSiWQwrWRPxuOvERxUQSsNgyYYeQ%2BtiynSNoABni2i%2FFNQc13vh67LGeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86794fe5e1f4d-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48419
x-xss-protection: 0
server: cafe
etag: 13744972075384101287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:34:20 GMT

GET
H3-29 200 instafeed.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/ 12 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/instafeed.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c1731b6bbe72309c73535cd79e4fd969e9df21a99464788a72c3617ba8d7fa

Request headers

:path: /wordpress/wp-content/themes/newspaper-child/instafeed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 64110
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f111c00001f4db42f1000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=09cuDSfaoSX%2FRzyZ9SRcMooDXyguXT4LhN0ULgjM5rAnQJqEOTsm5I3NxYhMD%2BJzv83ElVEpwHEkjjKkhau%2BpyNL56WZRvM6jsA8981z0jRpjhxCPAmqsh8FIHT6w1RhA%2B9zKGLynx8BRMQbUpgS9gRLfgI%2Fwno%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a86794fe631f4d-FRA

GET
H3-29 200 MARCA-HORIZONTAL-VERMELHA-QUAD-PNG-1024x409.png
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/ 171 KB
171 KB 18ms
18ms Image
image/png 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/MARCA-HORIZONTAL-VERMELHA-QUAD-PNG-1024x409.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4707bb9ceccb599385e0df339cb309c6fa3c7e30b3b9d6e066ff945a74b3ffe0

Request headers

:path: /wordpress/wp-content/uploads/2021/05/MARCA-HORIZONTAL-VERMELHA-QUAD-PNG-1024x409.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51840
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 174697
cf-request-id: 0a7d1f111d00001f4dc325a000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aghzK%2F4ee4HTUrkeQDoOYuxVoJbyIPcvKlBXBDdDypuIW8jCyAyQUboxbIgsIF3iJaiBzjIEbfX2a7l8zVZdQL9U8%2FmrKIh8zWpp%2BchYjMxa1xLwnYEdL%2BuoOOg8dvsipybwpnBtehU4eb7SlKaxZfSrORrobyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86794fe671f4d-FRA

GET
H3-29 200 email-decode.min.js Show response
observatoriodeourofino.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://observatoriodeourofino.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0a7d1f111c00001f4dd2284000000001
last-modified: Fri, 28 May 2021 10:23:11 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60b0c48f-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gL1JDIBgMjFPswE6Ty%2Bhn3bSs9bnCk6kyApleT48WB55RPqATOOa9Ukx5%2BwfKdkVzbvTyErKp3axzWq6OWKFIcAKKxaQKT8VOE%2B7dsUYvO51qllrrMBzS1ixBjKNFCwac6UB44arpQxFtqUmj2vzGHdYhOdaiok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 65a86794fe641f4d-FRA
expires: Mon, 07 Jun 2021 09:34:20 GMT

GET
H3-29 200 tagdiv_theme.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/js/ 222 KB
49 KB 33ms
32ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.5
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5da074335b4dea72ed9409778de9a62b0eaa21fadc38cbc0a7a77142d87638e

Request headers

:path: /wordpress/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 20921
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f112000001f4d3b881000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8%2BmJal8ev5jtlsCsDqSZuX3PY1Ktch10lC3Ixhov4xLGwZWDHbJrTGbuxjbeEIFxgUEFbBG7dANOnH5U%2BAW3dXXb3PjIqvuWzGGfsmZokko6W8w%2F5vyWoqt4oACkMQUb4ns2XnMQop1UeFQWR3%2BiHkTbl53SLJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a86794fe721f4d-FRA

GET
H3-29 200 comment-reply.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 3 KB
2 KB 27ms
26ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wordpress/wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 399342
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f112000001f4d3403e000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nwO8RcDWIql38HWGnLmo12HPkwg0sgjChW73iv6O%2FAJgOAu5VlFACIEb9QQNlSnsMQDd%2Ffzvaw9QwhvfT3z4jZeDzCPK2MddjlZG%2Bc%2BVKKbqPkmESiomKdUSOjBm8CmqjV9BAEigcpo6NxcimyU1M1XLhzmWBrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a86794fe731f4d-FRA

GET
H3-29 200 instafeed.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/ 12 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/instafeed.min.js?ver=1.0.0
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c1731b6bbe72309c73535cd79e4fd969e9df21a99464788a72c3617ba8d7fa

Request headers

:path: /wordpress/wp-content/themes/newspaper-child/instafeed.min.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 524888
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f112200001f4dfa19f000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e%2F97Gwnq6KzfhfmT2Jvw27WHW%2FTr1VanvgTuS3Dg4j%2FkWNLGq%2FXZC77A0VCpp4tznPQ6le2oZNg1diKS9Bv%2BUAr8J0mril7aKMLnPNppcQ9hYvpH1wOtHeBucg%2FmxcddTYVa3wlQI1qoBVL4W1WCYyXsDHf05wM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a86794fe741f4d-FRA

GET
H3-29 200 wp-embed.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 1 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wordpress/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 399342
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f112200001f4d070bc000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2Hcik6DrIn1u9p7qYsR6FnMVP4VWvG0vokbxK5wfbpOKN%2ForKiHTTgz%2FB85bOZgSWiIanq98lFIKZq363kWtRBF4oxHZvWnuunQdiuQvC35PB4VZzzs8eHE5NNrMQ8%2BTHbl2cLBkio4k3lhZwBoxI9xrIb3zNLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 65a86794fe7c1f4d-FRA

GET
H2 200 barrauai2012.js Show response
barra.uai.com.br/2012/ 21 KB
8 KB 668ms
201ms Script
application/javascript 2804:564::1158
S/A ESTADO DE MINAS

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/2012/barrauai2012.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:564::1158 , Brazil, ASN20044 (S/A ESTADO DE MINAS, BR),

Reverse DNS

Software

nginx /

Resource Hash

b640d18022932da40a59383c73d182f9e393ac359b363b2dd3b509fc13325590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 14:01:54 GMT
server: nginx
etag: W/"8a04dd77-5595-5b5a3eb3bac86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
strict-transport-security: max-age=31536000

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=208560674&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ul=en-us&de=UTF-8&dt=Sicoob%20Credivass%20promove%20o%20Dia%20de%20Cooperar%20em%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=694828261&gjid=1667960460&cid=1186084253.1622885661&tid=UA-48948937-7&_gid=1536444890.1622885661&_r=1&gtm=2ou621&did=dNDMyYj&z=406434542

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=208560674&t=pageview&_s=2&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ul=en-us&de=UTF-8&dt=Sicoob%20Credivass%20promove%20o%20Dia%20de%20Cooperar%20em%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1186084253.1622885661&tid=UA-48948937-7&_gid=1536444890.1622885661&gtm=2ou621&did=dNDMyYj&z=425460071

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 08:16:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4655
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=208560674&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ul=en-us&de=UTF-8&dt=Sicoob%20Credivass%20promove%20o%20Dia%20de%20Cooperar%20em%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1049407773&gjid=559627439&cid=1186084253.1622885661&tid=UA-36182607-1&_gid=1536444890.1622885661&_r=1&gtm=2ou621&did=dNDMyYj&z=1850478864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=208560674&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ul=en-us&de=UTF-8&dt=Sicoob%20Credivass%20promove%20o%20Dia%20de%20Cooperar%20em%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1008266497&gjid=359990988&cid=1186084253.1622885661&tid=UA-3637695-1&_gid=1536444890.1622885661&_r=1&gtm=2ou621&did=dNDMyYj&z=294049652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/diariosassociados-uaicombr/ 62 KB
17 KB 52ms
15ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/diariosassociados-uaicombr/newsroom.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 854e7efb5f09924dbf8543ab9e7ad276e8d3034ee675e1cb571d574384437102

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "64a57109277a46215cecdc66211ba0be"
age: 159
x-cache: HIT
content-length: 16871
x-amz-id-2: QaxmKTrV9RBKlmJDCyXM0dz+mUivNfSb/sHq1OlX3jeeFFI7aRTVeJiAGmN+4R3E4gCpdmeb52k=
x-served-by: cache-fra19127-FRA
last-modified: Fri, 04 Sep 2020 23:39:50 GMT
server: AmazonS3
x-timer: S1622885661.072859,VS0,VE1
date: Sat, 05 Jun 2021 09:34:21 GMT
vary: Accept-Encoding
x-amz-request-id: D94D8EMH5R4EHG89
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
96 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-48948937-7&cid=1186084253.1622885661&jid=694828261&gjid=1667960460&_gid=1536444890.1622885661&_u=YEBAAUAAAAAAAC~&z=1772752455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 05 Jun 2021 09:34:21 GMT
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-3637695-1&cid=1186084253.1622885661&jid=1008266497&gjid=359990988&_gid=1536444890.1622885661&_u=aEDAAUABAAAAAC~&z=32609873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 05 Jun 2021 09:34:21 GMT
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 3901 197 B
688 B 491ms
230ms Document
text/html 2600:9000:218e:bc00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=o4q8lu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:bc00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Sun, 17 Jan 2021 17:13:16 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sat, 05 Jun 2021 09:34:21 GMT
expires: Sat, 05 Jun 2021 09:44:21 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: RefreshHit from cloudfront
via: 1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: rzc1XMbseRrg3wu71AjUpjGyAcnAJQpaiMJwhWLBQR_ZOA87WZTX5A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: barra.uai.com.br
URL: https://barra.uai.com.br/parceirouai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "893 / 641 of 1000 / last-modified: 1622844533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:21 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 07:46:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
age: 352055
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
expires: Wed, 01 Jun 2022 07:46:46 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:07:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
age: 311220
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:07:21 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame F741 0
0 23ms
23ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://observatoriodeourofino.com.br/noticia/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://observatoriodeourofino.com.br/noticia/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: 3ntVEX0JAlzxRd8U3WEm7fUKio9WPtkcu90f6ud6V5feTX5pqgKXHsjiInpBvBBLwz4EOcbDNdV5B1khr4HNjg==
content-length: 0
date: Sat, 05 Jun 2021 09:34:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ 232 KB
86 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915609541681026&plah=observatoriodeourofino.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87637
x-xss-protection: 0
server: cafe
etag: 15632250250964762239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:34:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame C5C7 10 KB
4 KB 5ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210601/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 04 Jun 2021 23:22:09 GMT
expires: Fri, 18 Jun 2021 23:22:09 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 36732
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2323232-622x1024.jpeg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2019/06/ 54 KB
55 KB 19ms
18ms Image
image/jpeg 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2019/06/2323232-622x1024.jpeg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289032a9c862fc491f2870c7c496e6d39b567fc5d777f435b9147121d529e5cf

Request headers

:path: /wordpress/wp-content/uploads/2019/06/2323232-622x1024.jpeg
pragma: no-cache
cookie: _ga=GA1.3.1186084253.1622885661; _gid=GA1.3.1536444890.1622885661; _gat_gtag_UA_48948937_7=1; _gat_gtag_UA_36182607_1=1; _gat_gtag_UA_3637695_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76197
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 55510
cf-request-id: 0a7d1f142a00001f4dfa1d8000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VT5CFKjFJWLcYFMN3eaTUocZcGH8rXdb5HDwsAnAkPMTuQY2t7whODMGlfnkjIW7UoCfrlVLy00AwdJtXK1Er%2BYo0SJG1SOVMJbz941UGbM49PQmsOxTyF4dUktLt3rUfNzANP4qA4jejSvoq%2Bn8ZVJvHHKoVtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86799df6f1f4d-FRA

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 36ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:21 GMT

GET
H3-29 200 elements.png
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/sprite/ 4 KB
5 KB 17ms
16ms Image
image/png 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/sprite/elements.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

:path: /wordpress/wp-content/themes/Newspaper/images/sprite/elements.png
pragma: no-cache
cookie: _ga=GA1.3.1186084253.1622885661; _gid=GA1.3.1536444890.1622885661; _gat_gtag_UA_48948937_7=1; _gat_gtag_UA_36182607_1=1; _gat_gtag_UA_3637695_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css?ver=9.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 586829
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4324
cf-request-id: 0a7d1f143400001f4db7033000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p4y%2B3TyesTKFXWgU84VOe5LYjxGIniv8HV%2BOHzTyhK3K%2B0Kp36W6G5oh%2FjxFXfBKi4uGJFC5DsO06x58nV41gMT1Mx9QGYx3IYwcd6wNje8zBQAF%2FKA2sp1YHk0TjE55MJmwyGFCCov%2BXcWMAtRHeYYe%2F1XYdEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86799ef8e1f4d-FRA

GET
H3-29 200 gazeta_ouro_fino_8029.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/ 227 KB
228 KB 22ms
18ms Image
image/jpeg 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/gazeta_ouro_fino_8029.jpg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58a2ba8efab34c5aa6385499bfc72f3b4f911c70a6a6070d58c5da32d2ac8ad

Request headers

:path: /wordpress/wp-content/uploads/2021/05/gazeta_ouro_fino_8029.jpg
pragma: no-cache
cookie: _ga=GA1.3.1186084253.1622885661; _gid=GA1.3.1536444890.1622885661; _gat_gtag_UA_48948937_7=1; _gat_gtag_UA_36182607_1=1; _gat_gtag_UA_3637695_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203394
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 232571
cf-request-id: 0a7d1f143c00001f4d4f887000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wg9tt7CUMfZ1S7V%2B0KPXhSZrBx5l4KJb%2B2hzYj635yi1JjczY%2BV2ZYVQdBGU1oq8SRADxjrLx4zPoLOQ9qLU0Fdtgy0yktfYotPwotK1n5aPsGM8O3ttMv5vavzWy4If9YquDKH0oL5RUDCs37Z8BPYbkO4XJEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86799ffa71f4d-FRA

GET
H3-29 200 Alquimia-Banner-2.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/ 272 KB
273 KB 37ms
33ms Image
image/jpeg 2606:4700:3034::ac43:93cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/05/Alquimia-Banner-2.jpg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:93cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a981e0c5f7a99bdb013ff4fec9b1c552cf0ec30e5d3331ed809768e819bb092a

Request headers

:path: /wordpress/wp-content/uploads/2021/05/Alquimia-Banner-2.jpg
pragma: no-cache
cookie: _ga=GA1.3.1186084253.1622885661; _gid=GA1.3.1536444890.1622885661; _gat_gtag_UA_48948937_7=1; _gat_gtag_UA_36182607_1=1; _gat_gtag_UA_3637695_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: observatoriodeourofino.com.br
referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 46632
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 278421
cf-request-id: 0a7d1f143d00001f4d243c1000000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bFHdnQebIgBS4SktKQzS3dH8lvBkcqEVpCcMR3NMkKcg02oCNRtQQem0%2FLYfSwIwmVCZDv0oVTFSKYBtOyfusMeldRkhK8GMIPIaMUllgwRTrFXb7xtb5UoQDoyqJxrbFvLW09ixpp%2FHWkNg5o5wUOHwVHXYpU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 65a86799ffb11f4d-FRA

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 media Show response
graph.instagram.com/me/ 14 KB
6 KB 229ms
213ms XHR
application/json 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.instagram.com/me/media?fields=caption,id,media_type,media_url,permalink,thumbnail_url,timestamp,username&access_token=IGQVJYei1QSEpocHpLdjh2QzhQM2FSTjRFU1dpUFhvSWlyVDRhRjZA3UFlyWi1tdEZAZAU0Jsc1NxTzBFYkktNUZApTzNhVGpfQmktbGtRY1huRTRQWlZACeTU2eTBGRm9QYXNnX1dtLWN5RU9tbldDa2QxUQZDZD&limit=8

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/instafeed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83c672c5532a77d586138c5a7c31c69918c02be21e76f9ac01f9891136c4a881

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
etag: "40a71962b9261aa5775ed5c7c7965948d675a46d"
x-app-usage: {"call_volume":4,"cpu_time":0}
x-fb-rev: 1003914533
content-length: 6040
pragma: no-cache
x-fb-debug: 4i9L6TQkG4VnMB8XlaFS3zYfwgmqyxrkSs1kWUujA42NHLzbY3dFIrcJYY48xgEPZpB3LEKFyuBafp4Pb3NE1Q==
x-fb-trip-id: 1425083115
x-fb-trace-id: DDe9YJ1Moav
date: Sat, 05 Jun 2021 09:34:21 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: Ad1_HlWX6vBu9ZboNunJmH3
instagram-api-version: v10.0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
419 B 18ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=observatoriodeourofino.com.br&callback=_gfp_s_&client=ca-pub-6915609541681026

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915609541681026&plah=observatoriodeourofino.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a943a130166649dfaf83ce9f7168396085a0c0b8293b5873abdb5a94354e719e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C40 405 B
228 B 407ms
407ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2888604272&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661697&bpp=16&bdt=982&idt=85&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=470757426386&frm=20&pv=2&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WviPLieqBQ&p=https%3A//observatoriodeourofino.com.br&dtd=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a603a626c58962562a567badb05063f09a24f88623159d3d9cecb2ff798f8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2888604272&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661697&bpp=16&bdt=982&idt=85&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=470757426386&frm=20&pv=2&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WviPLieqBQ&p=https%3A//observatoriodeourofino.com.br&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:21 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83E1 405 B
228 B 231ms
231ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2657115604&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661713&bpp=1&bdt=998&idt=98&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=w6iXg0fYym&p=https%3A//observatoriodeourofino.com.br&dtd=103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a4287e562c2c34ff00de163235c54867564e00276e9dce39ea3d9b013a03d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=60&slotname=1183293468&adk=3758132006&adf=2657115604&pi=t.ma~as.1183293468&w=468&lmt=1622885661&psa=0&format=468x60&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661713&bpp=1&bdt=998&idt=98&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=w6iXg0fYym&p=https%3A//observatoriodeourofino.com.br&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81C1 405 B
228 B 537ms
536ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=1543753041&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661738&bpp=5&bdt=1024&idt=116&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CBANDwRSfI&p=https%3A//observatoriodeourofino.com.br&dtd=119

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b8a87d23e57cf120636695323f7749922388b9c4ba01232284b832cf95f9b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=1543753041&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661738&bpp=5&bdt=1024&idt=116&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CBANDwRSfI&p=https%3A//observatoriodeourofino.com.br&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D24F 405 B
228 B 664ms
663ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=271434022&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661756&bpp=1&bdt=1041&idt=133&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=1725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0MDuKvA5t5&p=https%3A//observatoriodeourofino.com.br&dtd=136

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e07f4e48aa2d39217456500d2303a831b42ec3b56117b7fcc67cd10298d0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=2599613617&adk=1497016527&adf=271434022&pi=t.ma~as.2599613617&w=300&lmt=1622885661&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661756&bpp=1&bdt=1041&idt=133&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C468x60%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=1725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0MDuKvA5t5&p=https%3A//observatoriodeourofino.com.br&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 147ms
147ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4376692408466435&correlator=1610023070983681&output=ldjh&impl=fif&eid=31061180%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210605&iu_parts=6887%2Cuai%2Cparceiros&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1&cust_params=resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cobservatoriodeourofino%252Ccom%252Cbr%252C2019%252C06%252C28%252Csicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%252C%26titleofpage%3DSicoob%2520Credivass%2520promove%2520o%2520Dia%2520de%2520Cooperar%2520em%2520Ouro%2520Fino&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&bc=31&abxe=1&lmt=1622885661&dt=1622885661917&dlt=1622885660715&idt=1190&frm=20&biw=1600&bih=1200&oid=3&adxs=606&adys=56&adks=609419097&ucis=1&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

03f36729cb26daeb9211138a3078b2eb97b611cc96fd80de79aeca7bf9fc5992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
google-lineitem-id: 5687864154
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349480231
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 68ms
14ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 css2
fonts.googleapis.com/ 1 KB
460 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans&display=swap

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ede98267f13ca4a942914271e8d607169dbad2c458ca3e259e1d547154bd82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 07:37:23 GMT
server: ESF
date: Sat, 05 Jun 2021 09:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Jun 2021 09:34:21 GMT

GET
H2

200

/
www.em.com.br/assine/
Redirect Chain

https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg
https://logo.uai.com.br/uai.jpg
https://www.em.com.br/assine/

0
0

619ms
205ms

Image
text/html

2804:564::1183
S/A ESTADO DE MINAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.em.com.br/assine/
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:564::1183 , Brazil, ASN20044 (S/A ESTADO DE MINAS, BR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location: https://www.em.com.br/assine/
Date: Sat, 05 Jun 2021 09:34:22 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
Content-Length: 319
Content-Type: text/html; charset=iso-8859-1

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D930 405 B
228 B 443ms
442ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=90&slotname=3868408121&adk=634728373&adf=643048507&pi=t.ma~as.3868408121&w=728&lmt=1622885661&psa=0&format=728x90&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661766&bpp=1&bdt=1051&idt=171&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=VxVltdnnYi&p=https%3A//observatoriodeourofino.com.br&dtd=174

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198747a95f983c4a763a3f0c90adb046b29abe9845e01668f4ccfc74092bac55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=90&slotname=3868408121&adk=634728373&adf=643048507&pi=t.ma~as.3868408121&w=728&lmt=1622885661&psa=0&format=728x90&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661766&bpp=1&bdt=1051&idt=171&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=VxVltdnnYi&p=https%3A//observatoriodeourofino.com.br&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 01:56:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 286669
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Thu, 02 Jun 2022 01:56:32 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2F1 19 KB
1 KB 60ms
59ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&adk=1812271804&adf=3025194257&lmt=1622885661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661986&bpp=1&bdt=1271&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90&nras=1&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a129368c1f6bcc52b797a0e35c83dd7e6b8d67362ead73740764a670e59a85ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&adk=1812271804&adf=3025194257&lmt=1622885661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885661986&bpp=1&bdt=1271&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90&nras=1&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 1493
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 09:49:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H2 200 centralizador.html Show response
barra.uai.com.br/ Frame 32D6 739 B
979 B 201ms
200ms Document
text/html 2804:564::1158
S/A ESTADO DE MINAS

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:564::1158 , Brazil, ASN20044 (S/A ESTADO DE MINAS, BR),

Reverse DNS

Software

nginx /

Resource Hash

926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: barra.uai.com.br
:scheme: https
:path: /centralizador.html?origem=https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

server: nginx
date: Sat, 05 Jun 2021 09:34:22 GMT
content-type: text/html
content-length: 739
last-modified: Fri, 19 May 2017 16:43:23 GMT
etag: "58a88be0-2e3-54fe3383940c0"
cache-control: max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H3-29 200 memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88669ca2309970900842b8488c4cdf73e1cde037dc18d489ee6f6c44182a53c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://observatoriodeourofino.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 01:37:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:36 GMT
server: sffe
age: 287822
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13928
x-xss-protection: 0
expires: Thu, 02 Jun 2022 01:37:20 GMT

GET
H2 200 194411895_327103792123539_7049125440167039606_n.jpg
scontent-frt3-2.cdninstagram.com/v/t51.29350-15/ 123 KB
124 KB 233ms
217ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.cdninstagram.com/v/t51.29350-15/194411895_327103792123539_7049125440167039606_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=qb-4zdOZo2gAX8G0n-u&_nc_ht=scontent-frt3-2.cdninstagram.com&oh=d091462ee35d82b01c7f12d1bfc90f79&oe=60BF7754
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 967da60a86fd27234a9a017844f5fb359f5cca898ea41236e4963283d00f62d1

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3552242603
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Fri, 04 Jun 2021 22:12:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: LqKysKq8BSPoRaGmG3pj6Ooh0P8w8GGlljHn-fftJPeJHpCYkY4umqWgxdNkSVvOG0f7lhvHRoG-5YhqjSIr0g
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1567765562
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 126332

GET
H2 200 195936872_111284421064324_7588668553422741373_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/ 91 KB
92 KB 113ms
96ms Image
image/jpeg 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.29350-15/195936872_111284421064324_7588668553422741373_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=k559CQ9k_QcAX9frtzc&_nc_ht=scontent-frx5-1.cdninstagram.com&oh=1a52e80c096f1ef3f21f6c9f39c984cc&oe=60C123DD
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fded7eff5ec45a65ff6033d28366812f51ea487c6b2306aee18d7d7563a07af7

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1362307760
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 780166575
last-modified: Thu, 03 Jun 2021 14:40:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: y30JJIaj7dp_j8hJfwqxUrXFXPHPkGo7qHJi0hiTf1QYEyCgHHZGHJo_jOys4_gs7otTNlCOroUIaJZttbgAbg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 196954162
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 93502

GET
H2 200 192316387_811468246465093_7101037990654417865_n.jpg
scontent-frt3-2.cdninstagram.com/v/t51.29350-15/ 123 KB
123 KB 38ms
22ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.cdninstagram.com/v/t51.29350-15/192316387_811468246465093_7101037990654417865_n.jpg?_nc_cat=103&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=RJ2V-ZMUmt0AX88UDPB&_nc_ht=scontent-frt3-2.cdninstagram.com&oh=e98f384ac8273848ad3463a2e7f0b9dc&oe=60BF6B96
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 675d736c070e8e53fc20845a17215fc34e1eab7a44667ad67d8fd230e3ce4f02

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 260842143
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Fri, 28 May 2021 21:05:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: TbZosSEA9jo2UmVUYA5rzlRdHVvZkljjJsL33R8xv-IR0irCY7JVC7MdMhiqIcva-TYwYiCYjx_pYEXgHXi6Sg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2637626933
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 125956

GET
H2 200 191630051_1213768132412340_5799482511886695803_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/ 131 KB
131 KB 23ms
7ms Image
image/jpeg 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.29350-15/191630051_1213768132412340_5799482511886695803_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=6afzkri1aHwAX9PPXQs&_nc_ht=scontent-frx5-1.cdninstagram.com&oh=340cbe645947b63e4326c18f737a597f&oe=60C1299F
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bfa5be9eb55884bcf7a0a2fe829b23f80e51eb548b424e46d8a8fb8c124c0ecc

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2187373091
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 780166575
last-modified: Wed, 26 May 2021 21:29:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 308039647
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 133633

GET
H2 200 191271688_324252062734776_8456366984549647414_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 158 KB
158 KB 37ms
22ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/191271688_324252062734776_8456366984549647414_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=_zYt6KmLLyoAX9y86nl&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=77aecc95028a4349777675f8e3666bc3&oe=60C10807
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3412d50c81a0a84df9fb877395b245ee53ec21a1b2487822cd0abfe5808fe358

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 321115981
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Wed, 26 May 2021 00:39:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 8wHXs4iDcfDJVNQbNTZCcdM2fDZd4Hv4N7kLpo4kQYemF6PKBr5S_ED0_ea0owK7Cm9o4Pr0REOOR1c57Utj_Q
cross-origin-resource-policy: cross-origin
x-needle-checksum: 577286956
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 161564

GET
H2 200 189955625_511814139862430_2970929624821664621_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 138 KB
139 KB 116ms
101ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/189955625_511814139862430_2970929624821664621_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=pVDsFXJCuPIAX-bda2E&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=f6cf3cafd117a39527520a9e004e1b19&oe=60C01DCD
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 89d3259fb88567d8a3fb6e33a4820deb333b4877fdbb3e1e4db5e1ec521f67b8

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3274030975
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Fri, 21 May 2021 16:28:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: DDI4yuo53IdfYWbSy5TFAzr91GPO9sl0cGJ0NO_nuIldZwPrJh3P4Cy5GZHFga5U2Wu5DXdRbBMnOTb5LStLgw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3303190493
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 141753

GET
H2 200 188697513_2543219729135058_4374181330951719101_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 160 KB
160 KB 128ms
112ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/188697513_2543219729135058_4374181330951719101_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=B2PlFhaPuWIAX_XG9KK&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=7a629b86ced505deac79d8b96e76c795&oe=60BFAC94
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 237bf03b2e09ce53077feedd69e4615f0d5f37f924f00c03eb2025eabc225f59

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1278343616
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Thu, 20 May 2021 21:01:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: Izu4nPRIwgduIE2k2eB4SbI4tWpD0vJRAPEUuVnhkhAvG7nsPDofnSVyqGVDRBR9wNRgt-AlUULU6GWE-TmZMw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2468417335
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 163925

GET
H2 200 188858428_283265106810432_85514269728894414_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 128 KB
128 KB 22ms
7ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/188858428_283265106810432_85514269728894414_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=9mGGl7ak_nAAX8MJ5kf&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=ddc10bd1b8892722ba3d5d13bcbe9bed&oe=60BFCD12
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1b09fe481ffbcdd33908eafc80dfb6eeca3405cc00476e7dbaa08cb2ba9c3f2f

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4290705772
date: Sat, 05 Jun 2021 09:34:22 GMT
x-fb-trip-id: 1425083115
last-modified: Wed, 19 May 2021 22:03:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1053421105
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 131004

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 3901 4 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:214f:4000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:15:23 GMT
content-encoding: gzip
age: 1139
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Sun, 17 Jan 2021 16:39:33 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 6-jDLR7cA10t45Q7oQD98czRoZm4olSySoIVuyAhugfltqD9gWUdpA==
expires: Sat, 05 Jun 2021 10:15:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E21C 16 KB
7 KB 618ms
617ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f42cd67d4f2dbbcded5f37f05da6017d96765a621e50924be9f156cb5369ec82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 09:34:22 GMT
server: cafe
content-length: 7142
x-xss-protection: 0
set-cookie: IDE=AHWqTUkv0tuxIh6_S0AKCw4R3dFFgoq-HGtyVOinpuF5QiK-DyDNT-5mjbCBZHShGZY; expires=Thu, 30-Jun-2022 09:34:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: private

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F1A 0
0 18ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKbE7Zn5zZbuojIr_PBpRKElszOPZ7pl7HY2mQ-5PeCHJryygtkqJTb9zqY_ML0Wcxbk520pVw9Jpjj31JGKEN87R5derTAcbft5ldIHmH_YYkRMU5HgW3Y796zfZwLQ2B9z_uMX65rXCb4eLLA1ve6wdSCMSE6QVylnVv8XWBxPEVBBxS_dCvwJQm6uxtU5JcDNN8lqucICjm8F5cxX118I0uaZUxO7VLWHkx3syDfdajAhuosVCyLFgQymS68k_afsoy46hViL0mZUKFPpqOsDYYx8v5fZgNR5W5XruqNldCHQy4FJ12YWceCXhYJiEFqPAKM0qh&sai=AMfl-YTd0angW8Q2UaF03DqFLrJSIbcd0pJK3h3gSTPzIMfiNiS_giSgfqql9bt8h81avpXEyd2Kvk4xJbgfXbYKAgHV4CZJKnXnZzSqNdE7iTtXj8NkdSMSdlhmX2S308s&sig=Cg0ArKJSzIuoMSLuM9XbEAE&adurl=

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Jun 2021 09:34:22 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 3F1A 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:30:30 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 3F1A 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:29:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F1A 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F1A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQp54uyOfQLOsgQsnzFaVqeder2jt4O5Zk5WTVqqGSrxSDCORUattMnZOEndEC-pu7wxcr
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 5392871116799874437
tpc.googlesyndication.com/simgad/ Frame 3F1A 52 KB
52 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5392871116799874437

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55e91883df3d0ba5361f14dea4be10a32f573bfa82afe778164cf7b80ddcfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 01:47:28 GMT
x-content-type-options: nosniff
age: 287214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53517
x-xss-protection: 0
last-modified: Mon, 10 May 2021 20:32:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:47:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F1A 0
0 27ms
27ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVsd6zNh0ja-O7_j0LnNZgCbs7IcmWLp8eseREr0cEGoAdtfwjA62PHgjgXz8wR-KMy-Gpc4W6r3ZK2g5HyYLXvIp64Wj7Ta4KK-ZtaxlUljCfKGqXJuTjUImOXBEosgy3stmVarO0fQipD2zS_ITx7dcI54E2i37q72WmoYHNDcEUJ1pCiX-AMjqtGVIEvQ6MZy2V6Dd2_7-pUomlr9BJ1C3nwZ6ljlduMtVEy63N7M_8uOQ7Jueo8tsZqhS-VG4kjzYxVMSG0I6HsYmw0Lve6pW7ynf49o7-oQHmmaM5R91v0-o8yZUDPFHn&sai=AMfl-YSGAIsoeA-F_TelV1BsNSAIjC2BQKLZPv1Zsy77EbtxmLbdjmWP_CgNxXkeyawiH5_bkxCKCTfCPgjkLWu64EXpal4q3lvUL3kpqeniehzEx2ek2-Br-yWh6yLb0sE&sig=Cg0ArKJSzGd2J2vWgmQPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Jun 2021 09:34:22 GMT

GET
DATA 200
OK truncated
/ Frame 3F1A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97aaf01289040e64639039a0ca2e8712b82ead2bd2bf7ddd82cf1446943d133f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 32D6 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: barra.uai.com.br
URL: https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://barra.uai.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1379
date: Sat, 05 Jun 2021 09:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 05 Jun 2021 11:11:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6446 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO0XlHkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEiwJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw8ezE63eqiJP-yd_2UbyBB-3DaABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02OTE1NjA5NTQxNjgxMDI2&sigh=Ug6nuW6itr0

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 05 Jun 2021 09:34:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6446 0
0 30ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g4a4m1vg6ypndccr29vfjckzkmszecazh2sf7szdzev9xmtgw5tpwmsgkysnesnwh2zbb3q8wy4preb4v06s23z3j8jzw6cvn8s3b4wjc4x41hdmn7vh2j6d82k0fgx1nqbt1yvph2jc2r05ye5k1n8g47erefej5e4zxb88s7va0hrb3dgm1bcgkyf8gfyc3885et91emhmmy5vwwzab39jnyx1nswmseaev3g6zzewjq2yw01sdtvdhr2vbzpeqtbj5raetryqtyz9416h0fnjy2eqtse3a6wf0fkhhmy9v4tkphdsc9w792pnmbg6bmmp2wn098f1xrbddg0gm5c7fc3a4438ag66ww9qafsnn5jw95nn24b271a24p2vb0ggd18&b=YLtFHgAB1-wIFV_6AArrS0ABPf3uQW_bTxdABg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/2019/06/28/sicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Jun 2021 09:34:22 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 0CA0 2 KB
2 KB 39ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073e5cc3485c70954e045a9674afd7bbfd6ff9d2e9bfcb35d8cb3d7ea339175f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a7d1f181f00004ee5efa45000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65a867a038e04ee5-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6446 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:29:32 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D60 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 04 Jun 2021 19:54:30 GMT
expires: Sat, 05 Jun 2021 19:54:30 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 49192
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6446 122 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6446 13 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:32:10 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6446 0
0 37ms
35ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh0jnAqLuDcjdPbK7yXKH0N3Kb2hcr1hI2U5aqjKrqNGk6i2sWUzKAGKEwelXROFZEijaG4D3-uk8JPT4MVEpP0MtIEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3D60 35 B
463 B 27ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKdZmjcofugOZHtNXs6iGlU&google_cver=1&google_push=AQvitUKKPUmG9fUPwd96ach-2NmkC_-ZVbAeRJI8xDUrgXGJDYXYZ-ipx8k6rxuJlRaS3MNr_gAEsGU67iKAmAc3O9vzTYDUGQoj

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D60
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPCKl4Ltzuvv0aW0814TGCc&google_cver=1&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU
https://rtb.openx.net/sync/dds?google_gid=CAESEPCKl4Ltzuvv0aW0814TGCc&google_cver=1&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&google_hm=Bbwoe-0ZxOo2W9kKhYMveA==

170 B
188 B

38ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&google_hm=Bbwoe-0ZxOo2W9kKhYMveA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKVTc27EtEzgYOeVY-1874PFjJP41r4GdPouLQtPx8_1W-EBL_7lUlBo3zmSq4UHPZVgYGm-3lhuvpprMIw6pS9Y2vhBCvU&google_hm=Bbwoe-0ZxOo2W9kKhYMveA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ojuun0ojsqolm58kp65jo0d6q6nrkrbi

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D60
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtfHWmVgTxaGG1JfD1tBJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtfHWmVgTxaGG1JfD1tBJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKZ_kTVOsh-YTSLupcllDve5YTT4xpYJZVs2oQnOkN-p7kqcvya-GOULKGAuW6dZAwDrD72YLTjJvGlQgMsMJnNTzUk7O4h

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtfHWmVgTxaGG1JfD1tBJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKZ_kTVOsh-YTSLupcllDve5YTT4xpYJZVs2oQnOkN-p7kqcvya-GOULKGAuW6dZAwDrD72YLTjJvGlQgMsMJnNTzUk7O4h
date: Sat, 05 Jun 2021 09:34:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D60
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEY6Dyyjf2GXvcGkXfhlGXQ&google_cver=1&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BKSzdaT08tMVotQVRJMQ==&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMmHHG_m4a4U-K00FD1djpCU3KIX

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BKSzdaT08tMVotQVRJMQ==&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMmHHG_m4a4U-K00FD1djpCU3KIX

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BKSzdaT08tMVotQVRJMQ==&google_push=AQvitUJEQa2YpB2XqKnHL3Kmq0y0Seo4jLXfotDliZ1vMtrq6ziJYE6Cy2J8CiI4jEZsXTxgvMmHHG_m4a4U-K00FD1djpCU3KIX
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3D60
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6uc...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 3D60 43 B
295 B 71ms
23ms Image
image/gif 2a05:d01c:1d8:8101:c003:a766:aff9:a170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPUpCMFv0y5UsHkNl3K8c7Y&google_cver=1&google_push=AQvitULdIjRtWenECQtJhGHqdBEs4Ch1q4Uxji2aXHQcp__F9pPPBoTVibmIru4lX-tFdyj6HOd-LjHCa_4GHgO_w-GuFG9PlSk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&adk=3364431684&adf=3598866310&pi=t.aa~a.3054784995~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1622885662&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=324x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F2019%2F06%2F28%2Fsicoob-credivass-promove-o-dia-de-cooperar-em-ouro-fino%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622885662086&bpp=1&bdt=1372&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76eddedeea5f4fd9-2288d087b4c800a0%3AT%3D1622885661%3ART%3D1622885661%3AS%3DALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A&prev_fmts=468x60%2C468x60%2C300x250%2C300x250%2C728x90%2C0x0&nras=2&correlator=470757426386&frm=20&pv=1&ga_vid=1186084253.1622885661&ga_sid=1622885662&ga_hid=208560674&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744016&oid=3&pvsid=4376692408466435&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=3B8kgzG2U6&p=https%3A//observatoriodeourofino.com.br&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:c003:a766:aff9:a170 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D60
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBThh-eWedlRX4wTtY_uAZY&google_cver=1&google_push=AQvitUJ8IxteBu378Xk20rQh...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ8IxteBu378Xk20rQh3ff7vWQgDGNzJgv6n-ywbtrm-70aFr-Bs0YcpRo8dYOJsDRbgl6TunvhrRm9w8GNK0YDr2RhBCN_Fg&google_hm=

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ8IxteBu378Xk20rQh3ff7vWQgDGNzJgv6n-ywbtrm-70aFr-Bs0YcpRo8dYOJsDRbgl6TunvhrRm9w8GNK0YDr2RhBCN_Fg&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:22 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ8IxteBu378Xk20rQh3ff7vWQgDGNzJgv6n-ywbtrm-70aFr-Bs0YcpRo8dYOJsDRbgl6TunvhrRm9w8GNK0YDr2RhBCN_Fg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 04 Jun 2021 09:34:22 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D60 0
227 B 46ms
22ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqP3Irl3z6bcdRhfvVuouq5QNWHlC_7yHMNZPELWRhyxOmFcUg3H-anDaxMsLE7TvLoAcu-w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6446 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55a8a1f97ae08542b8d648617f70e38093fa515971179a0cfc215e3330243e20

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 0CA0 58 KB
59 KB 26ms
16ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Sat, 05 Jun 2021 09:34:22 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6438915
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0a7d1f185300004e449284c000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H8DOhuLupmGxCKFyM6JDIYhzFKcbRDLDg9okKJPLHMLCUZWMkGPsu3Cjv3%2FXwoeiyOwIW5dQOq5oymFQX%2B64fp7bwEtSecegH3IJK3qdNvfHZWZtO6QQCW3%2BmldDs3pl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65a867a08d764e44-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 0CA0 36 KB
12 KB 39ms
30ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Sat, 05 Jun 2021 09:34:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58114
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7d1f185400004e44f3120000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B5ScGKL6ME1wV3UHYdJ6Zp1VImGv0MAC8dDfK72p4S3oi0u%2B87x%2FyhhVTrhrREsIBY4%2BN6QlRIZvqUB5ad0cGlh%2FIf4sLjCXPkumDA8CIPJ8xr8i7%2B8SWp6rOph5gTMZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65a867a08d794e44-FRA
expires: Fri, 04 Jun 2021 17:25:48 GMT

GET
H2 502 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0CA0 0
0 55ms
33ms Image
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 7FC3 2 KB
2 KB 19ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 05 Jun 2021 10:34:22 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1082306
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0a7d1f187d00004e44c92dc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3kRgVveFUEdEDaaT1aKfTyiyvQHBzF%2B52UknDwcxVQOOrRXgqXn8Z7%2Bz5HvcvGt6kMS2AZnIXjUkq%2FkAIlarq8LoRBsJKLf9rfywc2JKTqPnG0RyelicnCMRySSQZbyK"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65a867a0ce514e44-FRA
content-encoding: br

GET
H2 502 frame.html
ad4mat.net/ Frame BC02 0
0 27ms
26ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65a867a0fa78061c:FRA; path=/; expires=Sat, 05-Jun-21 09:34:52 GMT cf_use_ob=443; path=/; expires=Sat, 05-Jun-21 09:34:52 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65a867a0fa78061c-FRA
server: cloudflare

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F1A 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRdtYZEZ5zBEgGNWM75eEGDqBX31xbTL7rGVKK5CW-OGPJqXJ0F6MqpVXmmDkpxQFRPm9B04AzGRjGXmM-C7tlZ2S9Z7Pk5yrUTw7sLx8&sig=Cg0ArKJSzLMSv4Z2ePYyEAE&id=lidar2&mcvt=1000&p=94,606,184,1334&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210604&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=609419097&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622885662121&dlt=0&rpt=57&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb6bd1d9ea350a01cf394bff5340f2ebcab63bf421ce92d6c841502e840bc3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 09:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7718
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:34:24 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 91D9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 05 Jun 2021 09:15:23 GMT
expires: Sun, 05 Jun 2022 09:15:23 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1141
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC36 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89b9917505c90eeeff2f396cb5c19d8208fcf2dc896fb0a87e8155f2bc11a5e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MxIMUXJDVU8h7jaIgJ/NSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://observatoriodeourofino.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://observatoriodeourofino.com.br/

Response headers

expires: Sat, 05 Jun 2021 09:34:24 GMT
date: Sat, 05 Jun 2021 09:34:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MxIMUXJDVU8h7jaIgJ/NSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 91D9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=4376692408466435&bg=!FxSlFFDNAAY6sG-_OrA7ACkAdvg8Wht4Ug6K8xFhLMWa9jGwe_Ulr-Rh2KFneOxvL5BfGvaZXPOnhAIAAAA6UgAAAApoAQcKAT1-6xrqz-HxtO1Wej_vpr4nKuiYpjxx56tH5PuNH0wHlHXUawZ-McOkUgLUb6CyqUWOUWbyCzLxiBn4nfPcJr1XWVQ_Z8y4s5nthWjbfSDgttOHz-8cnHF0MsVzG-JC9N4lJ60dcOUfzuQ0Oqf87SzKoAfa-w8Oqe78KqPHBehhSWywezVz-0XbzVgABY0EStsvZ6GTjf0iOmDXBEgGcqH7e5pwmTONsXnU8V_46TeVdWWRx0QMwgtUWaccOWuLYt4jlRITQtT8hVsO3Vlj7NEmC8nCZOn3-CJXjB26ru6csUu-BSqc-9KB0zIrG1VWvshg-euKOwSEyF5Xj7pxtgsYQovTDgkfUtk64xcn4ly_VI3z5Hoz79wXFg5Idzje3FsJjajF80uMywskSmlLfpkxeCyVDLuDKuBOQ5QO0ZkCUjZClDgI65WT6SJbNeER9z0DMm9Wh0c6o-9zIz7puu0kWQ3Ny49_ocWb17_yXawrEc8jZCPt2jEXPdHej_QS2zYHthOJcEQbc_1F2r_G3yDyE8Pf8iW0-FhzorHmuagea4zYI0MRXlWbUNrYqUzYwMT15OuBbst9cqFwVV_i49kxi-8J6_gqgIZAi1Lr46HmwAhTvq8D9we7QL9IhlurBhwCLgLdHM9Dr8_X5m1wS7cDMjW0yKl7Zn8KB6EL6APDxuaMwJ4-j3V6yUGmVmc1IjigGT3X1CQwgF2pSr5P7IpggaszXsTChg-IfC7qAAxHpJXlH4Pax-3L57CUbukvQvr-Yq-6HYcHRMtKbtKElzGxm5t61jUCAb7KcrOHU9D6oOcSJY2jwTsSotVCwEVWvByzRQ2Z2IXSnHZ77tzos0UQ2-v5VaG_DkqqPWTwe4ezWi4o7ZS9cheHmIcZene3dSkBSC42PXnoiUoNsPrHmqFpQzRmqaqT1u37e618wqYDDB0CY7GTQlPaSMf_wX0TBThIGrDILIJ_DHrAKAfPa6Sjzi16Mn2Cps7RHYjPQGQ2t96ji6_mdBz_nD5XXtb7sf2av1Z9zQPrLv-Hegw91a6Yz7tf7mp18EMWVmM8DLXvbojGIDfdZfwDKvZe4k_XkO3SyPitTxQV0zSwLgqAVaTSqiEd6lWH9BchrS1hkYrNtHNK8-JzLW56JTrX0KimEn89sGA0hQ5RNPqXa3_pXswWpJmWVF6WRlX5GZCjNKOh_ED7fYqbaexkVHPzBjJLWyuCFQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 09:34:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 0CA0 1 KB
2 KB 25ms
25ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc64a3de0c6f9df5199522ac378d9acb28f99db7ad9b71a18045ee99a704213

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hq2jr4wnbghn6bf3vrsckfkmezyz29ztversmxb7p62vjmecee1jd0t06e3ww0bfat03bpnw0znfept06bhzg8sb7zxjck0wrx6bj2hf4zh1fhq0jkz547t58mn1h4p65zs9c0ydw6dhs24bpmd0qe1h8rj6v9ns6p9bgwc9a2g5wxgcmn4zgyp2bvpe9ee042kh6y5d65rqfjdjrm5tnxtpbk8cabep7y4v5c4kf6p84jvkh62z896vdxtz2qx0px687bkxd68j98hf6sjn9w6y9hy2hn27yhanxfth2h86sxzn97a2wa0c9jbg2p7me7k9kcww0mq38vvmv3xj5gm71w66h2ef9r8kc18s9e977mksk2m655fp6tfj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%26client%3Dca-pub-6915609541681026%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Jun 2021 09:34:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0a7d1f209a00004e44a30de000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KaW5kx%2B4Sf%2BHceSSlPb%2Bqkb4CSmzxSj%2BIezuWJCHwJ3SvCvDTKHWfTbJill%2BC1v2NJL5O0A%2BHBM4t2pbOwaKnMdoAi8LaG%2FAgFiWexBN%2BwwQyHVRPZHky1BjcSc3sYbY"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65a867adcfee4e44-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame E749 9 KB
4 KB 28ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7711a6636c6bed85eb5c8332034f58192ee7ff589c648058f574e5ba0c5dfe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:24 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a7d1f20ba00004ee54e2a4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65a867adf9ce4ee5-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame E749 59 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 256595
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0a7d1f20d900004e44cc0ae000000001
cf-ray: 65a867ae28c94e44-FRA
expires: Sat, 05 Jun 2021 10:34:24 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E749 18 KB
19 KB 28ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 05 Jun 2021 09:34:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 129925
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwNt4ZNkWh65Cm46ntzyn12M0XX90QvsZ-2wvzAfoT5_aDXOBJnpWS2_ZfKH5_V65Ha5AviMh0L9fLyErl2riA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0a7d1f20de00004ee54737b000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x%2BZepTTXWMojzqCbt99iWOvp%2FbiztPefLgRBekky37k3J%2FE2tbJfbKibnf5SvDrRf5CGc8c77gVWhF2mIB9XPYwSQE8VTP4%2BopoZIuTwW80R5g1ndOz7AKxh1JnV1i3%2F2Z50%2B6%2BXdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 06 Jun 2021 09:34:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65a867ae2a434ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame E749 2 KB
2 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 05 Jun 2021 09:34:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 132397
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-UzbsXpe5LSu9v7yS2vmFrooCiA8EL6bdRGnA86KqsDr6kDspsV2Ry-vW0_d6vurEIor_x2_870WR-EMRq01X7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0a7d1f20dd00004ee50ab02000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CwErAdKdZtz6q4seJ1QrGNo8SVF70A35mqPC%2FpTqZIO%2FQQpXWA23o7cxpfWUYztszW5LNF%2BLJl4zdGSH0OSJYXpPaVYkPhPtwlPfqr4KestVItPZ%2B9WmBGQBjSTYWGINKz4gtkdAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 06 Jun 2021 09:34:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65a867ae2a454ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E749 43 B
704 B 84ms
43ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Jun 2021 09:34:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E749 38 KB
39 KB 19ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 05 Jun 2021 09:34:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 829035
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0a7d1f20de00004ee5562a7000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rifxbXiL%2B5FhrFZB3QU5cqZxfQ5K8%2FjVFoX8UOAPdxr%2FF%2B9kxmcwrwHto0lBZW%2F4MPJlkw2lLMYtLgyCQ%2FH3iat431QQW8Eb8abU4tSUoPcpDUAxZKKmsXYQXNENeobuyyccRMbswg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 06 Jun 2021 09:34:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65a867ae2a4a4ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E749 113 KB
113 KB 26ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 05 Jun 2021 09:34:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 829682
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0a7d1f20de00004ee52d0a6000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JsI%2BVmvJONwOVUnz%2FfwClIkrThq8XiEeyr82cmjqhX4ie4i%2FXYsaZH6RLJvv9pc2fFY7M1wLlId42X29KZ5koeNsxfUOvQjxPnXrbZnCzVSUAabx7bFLZFgQ2sDnRa0Wp6TjZWPr1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 06 Jun 2021 09:34:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65a867ae2a4e4ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E749 43 B
702 B 86ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Jun 2021 09:34:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E749 38 KB
38 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 05 Jun 2021 09:34:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 131095
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UxkTUW5YSKIxu8CkEL3wCjce79_MQEZ6HQjatXpRl0wlOoKMVPHpajM2fRfczfD3_5Vcl_OVavgWVrb09BSTl8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0a7d1f20e000004ee52086f000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bvQfD2CWOSiDJl6JYbOs6cbZhNjAhPJh9LMPP89XvM4%2FzNvBQuMADLjXFIJ5fxcSQ5964YM3p2c%2BXcIxtjkFKUrIUvnkhoy43C4sgPETGcBlPMG34qFYvIILWX4kO2kVLqFrH2VNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 06 Jun 2021 09:34:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65a867ae2a554ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E749 84 KB
84 KB 25ms
24ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 05 Jun 2021 09:34:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1082217
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0a7d1f20e000004ee5fc8a7000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=po2Wyto9AYkG5MWCUd9RW0tm%2FT6VmEaOpCS%2FubN4h6RZsZD9gAdLcCuliqhNmArp2hGwt3xBLHpWoLp1ck%2BfIkdN7Mz4M1Vz71uhcj8TqMeK6afV%2FOWUFKnEqsEj7ZYphuDhV6w2Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 06 Jun 2021 09:34:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65a867ae2a584ee5-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame E749 12 KB
12 KB 155ms
92ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 34e2520458868cc063744356bb8493a975d4eea57df7df1c80ca19b89b0f9a51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Jun 2021 09:34:25 GMT
Last-Modified: Sat, 05 Jun 2021 09:34:25 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E749 60 KB
60 KB 72ms
21ms Script
application/javascript 52.222.149.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-50.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 14:56:52 GMT
via: 1.1 6d865250c628e9708a223a07778aa5b8.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 67054
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: eRpvNe3NqfK5d3ntqAYoDE0ddN2YHepZ_4fwODgTZZyUTBbs92sXtA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame E749 79 B
374 B 96ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_STdV.BMgkLs2dI_AIQjvEodUW2vqCRc7L1eLY6Refs.BN1eN.RNtJ9Xvj9KyZAxGjXGfe2Rc7L1eWNNW5BNlYiJ4uy.CR5&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221622885665%22%2C%22%22%2C%22%22%2C%22%22%2C%221778405665%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=d1b20230aff690f41862078e5c1cc53d&userIP=89.249.64.171&doAffectv=1&wgtime=1622885665
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 05 Jun 2021 09:34:25 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame E749 85 KB
85 KB 63ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidJkBHzf5fK3YaBH6H7tptpPxTjtdtQYoneid__wortsuchen_advancedad_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=e09c60d424dd5be785657008f533123d%2F1590249491293206632&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21w1afp3hm892rph29p2w28k0sedkk2v6xc5gp01qjmpf0q1n94cff4nrfe1bj5sqbgpzvj422n2nsrnks90ne6r2fab9drj27t9v201a6q59xk0ac16pe1xj9c2zcn0yay52z2457tdd8wjmha5r644zgqxvddpqk7ce8ks740vmd94ghrhxkgmkx8p7v4m9yrvyszym2x7jkq5dnnnw5ndfvqaax1yx6ychqp4ry16pk1cffz7np89wx6ag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaA08HkW7YOyvB_q_1fAPy9arkA6Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY5MTU2MDk1NDE2ODEwMjagAcKu6N0DyAEJqQKljNEhqGm0PqgDAaoEjgJP0JQDuSfbDGv4OmN68_WyQKHJbA7YRY1ganrDLMT97www4cxg7FZ7SMLRGaj3bnApfvgaR6VWODkmX_TAd209i1b-gqghkGviz1SSb8MudobaCXQhOvpeN8-A3TuYQobYR_jwVX7S6W3ksbF3mZpJJXBabcBhJH3zGWtmoW2iOmicDAt03MG9EfdbqkpLJwUyRYssKE2OV3iTu85v9NMFssPcSzSiYzNkW54UlsKsdQAS76v5xqTQ2U6_YI3wz9vQwain9tv9ZRiT9HLnmjm693dyF2J_LVIUC3oPFMq0vOdPznvNkAC1jijfIZkrIL88_gU9uoS8yw9czkMlrX0OfyQat_PBgYKM5SJfRsCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0JFwP9mr7r1SXzL0h3nOycjp3sbw%2526client%253Dca-pub-6915609541681026%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Jun 2021 09:34:25 GMT
Last-Modified: Sat, 05 Jun 2021 09:34:25 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame E749 63 B
270 B 99ms
37ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_STdV.BeKKmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dV0lY_FeAiwdMuFjp5y85icCmVWN9e4WX3NlY5DtFMfs.EDn
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 05 Jun 2021 09:34:25 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E749 16 B
232 B 68ms
67ms Fetch
application/json 52.209.181.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-181-46.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Jun 2021 09:34:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame E749 44 KB
45 KB 27ms
20ms Script
application/javascript 52.222.149.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-50.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 13:02:41 GMT
via: 1.1 6d865250c628e9708a223a07778aa5b8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 73904
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: -oIgsd3hrSSMjwqhCsvtLobL3jUXbvOezpsTbJ-ebZSOmnUKGegfrQ==

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 122ms
31ms Preflight 52.209.181.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-181-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 05 Jun 2021 09:34:26 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 tag Show response
w-it.m-t.io/ Frame E749 18 B
204 B 105ms
70ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1622885665983
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:34:26 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 1098bea69529418ecf071ae3ebabebfc
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame E749 0
75 B 40ms
40ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16228856650957_5adc9f3f23&programId=12607&expiry=1778405665&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 787a0d522b409009db071b0f3dcfde39
server: Google Frontend
date: Sat, 05 Jun 2021 09:34:26 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLtFHoKFoVLA37A42PihEQAABFkAAAIB&google_cver=1&google_push=AQvitUIDgHU1fK25C9ktJoM_Rzm5EWzrDjni6VC138y-PqYnqcg5DXAUV9XinrvVPynmT48Tk6ucq37ogUbprEcGTZhLk2bgQVqd&google_gid=CAESEONVRKI-rA2_l6Jq9qcfeo4

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.observatoriodeourofino.com.br/	1970-01-19 18:48:05	Name: _gat_gtag_UA_36182607_1 Value: 1
.observatoriodeourofino.com.br/	1970-01-20 04:09:41	Name: __gads Value: ID=76eddedeea5f4fd9-2288d087b4c800a0:T=1622885661:S=ALNI_MZAze_FnU7Ulq_FiEedlkw1fVzY-A
.observatoriodeourofino.com.br/	1970-01-19 18:48:05	Name: _gat_gtag_UA_3637695_1 Value: 1
.observatoriodeourofino.com.br/	1970-01-20 12:19:17	Name: _ga Value: GA1.3.1186084253.1622885661
.observatoriodeourofino.com.br/	1970-01-19 18:49:32	Name: _gid Value: GA1.3.1536444890.1622885661
.doubleclick.net/	1970-01-20 04:09:41	Name: IDE Value: AHWqTUkv0tuxIh6_S0AKCw4R3dFFgoq-HGtyVOinpuF5QiK-DyDNT-5mjbCBZHShGZY
.observatoriodeourofino.com.br/	1970-01-19 18:48:05	Name: _gat_gtag_UA_48948937_7 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1765dbcea01a98c3c7d10e38d3fb7836.safeframe.googlesyndication.com
ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
ag.innovid.com
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
barra.uai.com.br
c2.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
diapi.webgains.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
graph.instagram.com
image6.pubmatic.com
imgs2.uai.com.br
logo.uai.com.br
observatoriodeourofino.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
scontent-frt3-1.cdninstagram.com
scontent-frt3-2.cdninstagram.com
scontent-frx5-1.cdninstagram.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
track.webgains.com
w-it.m-t.io
www.awin1.com
www.em.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.239.217
142.250.185.130
142.250.185.98
151.101.13.44
185.64.190.78
217.182.200.29
2600:1901:0:76b9::
2600:9000:214f:4000:6:9eb2:5cc0:93a1
2600:9000:218e:bc00:6:5b96:3f00:93a1
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2606:4700:3034::ac43:93cd
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2804:564::1158
2804:564::1183
2804:564::2003
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2013
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9c
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f22d:c4:face:b00c:0:43fe
2a05:d01c:1d8:8101:c003:a766:aff9:a170
35.227.252.103
46.236.13.147
52.209.181.46
52.222.149.50
69.173.144.139
81.29.72.47
0117082955c19dd930456ec30c3c35a54e3f1eec129a82ce6721d8735b916731
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f36729cb26daeb9211138a3078b2eb97b611cc96fd80de79aeca7bf9fc5992
073e5cc3485c70954e045a9674afd7bbfd6ff9d2e9bfcb35d8cb3d7ea339175f
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
138ff99f8763b128006bd64f51a346fa87a142daa56fa335c7d45bca0ade2df1
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14e67dd84c92356342bf92a4ab1aeb65fbc5a4231165a475b74b8812af569164
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
198747a95f983c4a763a3f0c90adb046b29abe9845e01668f4ccfc74092bac55
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1b09fe481ffbcdd33908eafc80dfb6eeca3405cc00476e7dbaa08cb2ba9c3f2f
1cc64a3de0c6f9df5199522ac378d9acb28f99db7ad9b71a18045ee99a704213
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
237bf03b2e09ce53077feedd69e4615f0d5f37f924f00c03eb2025eabc225f59
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a4287e562c2c34ff00de163235c54867564e00276e9dce39ea3d9b013a03d6
25b588f7a82dacda5a429eafc52b59872dc668ea6d51eab2ddf9c36804676184
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
289032a9c862fc491f2870c7c496e6d39b567fc5d777f435b9147121d529e5cf
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3412d50c81a0a84df9fb877395b245ee53ec21a1b2487822cd0abfe5808fe358
34e2520458868cc063744356bb8493a975d4eea57df7df1c80ca19b89b0f9a51
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
3b8a87d23e57cf120636695323f7749922388b9c4ba01232284b832cf95f9b12
40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4707bb9ceccb599385e0df339cb309c6fa3c7e30b3b9d6e066ff945a74b3ffe0
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a8a1f97ae08542b8d648617f70e38093fa515971179a0cfc215e3330243e20
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5a603a626c58962562a567badb05063f09a24f88623159d3d9cecb2ff798f8e0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ede98267f13ca4a942914271e8d607169dbad2c458ca3e259e1d547154bd82d
5ff94f88943267560a1f702ad95e00452724b1b48b4fa6c4269311a1dc4aa0e6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
675d736c070e8e53fc20845a17215fc34e1eab7a44667ad67d8fd230e3ce4f02
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
777576053281eca65214fffb72509206cf779c92555d749426d321fbab53f447
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
83056cb62961fd9c47117752a89d173665d3ac485d75731388016cd40e60c71b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c672c5532a77d586138c5a7c31c69918c02be21e76f9ac01f9891136c4a881
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
854e7efb5f09924dbf8543ab9e7ad276e8d3034ee675e1cb571d574384437102
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
88669ca2309970900842b8488c4cdf73e1cde037dc18d489ee6f6c44182a53c7
89b9917505c90eeeff2f396cb5c19d8208fcf2dc896fb0a87e8155f2bc11a5e2
89d3259fb88567d8a3fb6e33a4820deb333b4877fdbb3e1e4db5e1ec521f67b8
8b7711a6636c6bed85eb5c8332034f58192ee7ff589c648058f574e5ba0c5dfe
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
967da60a86fd27234a9a017844f5fb359f5cca898ea41236e4963283d00f62d1
97aaf01289040e64639039a0ca2e8712b82ead2bd2bf7ddd82cf1446943d133f
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb773e92fea6f666cb6f16fadc555e0c61146c07f031aa075bbc15932da0772
a03feec961c7966dd17a981aafaffa8bbb80bb15351a6c19402647afede1437e
a0c1731b6bbe72309c73535cd79e4fd969e9df21a99464788a72c3617ba8d7fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a129368c1f6bcc52b797a0e35c83dd7e6b8d67362ead73740764a670e59a85ae
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a943a130166649dfaf83ce9f7168396085a0c0b8293b5873abdb5a94354e719e
a981e0c5f7a99bdb013ff4fec9b1c552cf0ec30e5d3331ed809768e819bb092a
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
affb24236f1fa3555421ee6d35f94086e4358f9b93cd428ba91ab6d4f5ea8a91
b5da074335b4dea72ed9409778de9a62b0eaa21fadc38cbc0a7a77142d87638e
b640d18022932da40a59383c73d182f9e393ac359b363b2dd3b509fc13325590
b8e07f4e48aa2d39217456500d2303a831b42ec3b56117b7fcc67cd10298d0aa
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bfa5be9eb55884bcf7a0a2fe829b23f80e51eb548b424e46d8a8fb8c124c0ecc
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
cb6bd1d9ea350a01cf394bff5340f2ebcab63bf421ce92d6c841502e840bc3b5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d44b73b11ab09cc8910e73f890f574288d6173be8a6ee27833f47153b0ff0e63
d55e91883df3d0ba5361f14dea4be10a32f573bfa82afe778164cf7b80ddcfb3
d58a2ba8efab34c5aa6385499bfc72f3b4f911c70a6a6070d58c5da32d2ac8ad
d90a83b1d7e68a4f251f36829efca6a9e973a2747fc8ecb8a60586364ca7d85e
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42cd67d4f2dbbcded5f37f05da6017d96765a621e50924be9f156cb5369ec82
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fdbfa9696f1a806b4ad1b377a51b6b0db3083de070122c0d091603b42c871619
fded7eff5ec45a65ff6033d28366812f51ea487c6b2306aee18d7d7563a07af7

observatoriodeourofino.com.br Open in urlscan Pro 2606:4700:3034::ac43:93cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

74 %IPv6

31 Domains

48 Subdomains

43 IPs

7 Countries

3796 kBTransfer

7073 kBSize

7 Cookies

26 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

observatoriodeourofino.com.br Open in urlscan Pro
2606:4700:3034::ac43:93cd Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

74 %
IPv6

31
Domains

48
Subdomains

43
IPs

7
Countries

3796 kB
Transfer

7073 kB
Size

7
Cookies

145 HTTP transactions
6 data transactions