portaldocolorado.com.br Open in urlscan Pro
2604:4500:6:3e3::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portaldocolorado.com.br/
Effective URL:
https://portaldocolorado.com.br/
Submission: On December 22 via api (December 22nd 2023, 6:27:01 pm UTC) from US — Scanned from DE

Summary HTTP 216 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 40 domains to perform 216 HTTP transactions. The main IP is 2604:4500:6:3e3::2, located in Tampa, United States and belongs to HVC-AS, US. The main domain is portaldocolorado.com.br.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time portaldocolorado.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2604:4500:6:3... 2604:4500:6:3e3::2	29802 (HVC-AS) (HVC-AS)
14	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:220... 2600:9000:2204:d000:1:825a:8300:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	18.239.83.58 18.239.83.58	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.239.18.33 18.239.18.33	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.216.91.216 54.216.91.216	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	167.235.142.248 167.235.142.248	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9 16	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5 9	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	3.66.143.165 3.66.143.165	16509 (AMAZON-02) (AMAZON-02)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	167.235.3.44 167.235.3.44	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	2600:9000:25e... 2600:9000:25e8:6c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	157.90.6.85 157.90.6.85	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.28.137 104.18.28.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
216	48

25 2604:4500:6:3e3::2 (Tampa, United States) 1 redirects

ASN29802 (HVC-AS, US)

portaldocolorado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.myth.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info.nsmedia-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.nsmedia-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:d000:1:825a:8300:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.nsn-server.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-58.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.91.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.142.248 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.142.235.167.clients.your-server.de

ad.vsrv.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.90 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.143.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-143-165.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.3.44 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.44.3.235.167.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:6c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.6.85 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85.6.90.157.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b1.trickyrock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.137 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bwin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com Failed	443 KB
36	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	283 KB
25	portaldocolorado.com.br 1 redirects portaldocolorado.com.br	671 KB
18	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	753 KB
14	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	1024 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	133 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	6 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 71029 d.tailtarget.com — Cisco Umbrella Rank: 77929 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227 b.t.tailtarget.com — Cisco Umbrella Rank: 60259 cm.t.tailtarget.com — Cisco Umbrella Rank: 17921 t.tailtarget.com — Cisco Umbrella Rank: 15832	38 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	nsmedia-advertising.com info.nsmedia-advertising.com — Cisco Umbrella Rank: 371862 c.nsmedia-advertising.com — Cisco Umbrella Rank: 337302	3 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	8 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	778 B
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 pm-widget.taboola.com — Cisco Umbrella Rank: 3686	259 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	vsrv.media ad.vsrv.media	59 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	800 B
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 27971 ui.cleverwebserver.com — Cisco Umbrella Rank: 28712 call.cleverwebserver.com — Cisco Umbrella Rank: 29496	48 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 117582	74 KB
2	trickyrock.com 1 redirects b1.trickyrock.com — Cisco Umbrella Rank: 161353	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	588 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	960 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 123499	757 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	gstatic.com fonts.gstatic.com	49 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	myth.dev tracker.myth.dev — Cisco Umbrella Rank: 721254	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	bwin.de www.bwin.de
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	236 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	nsn-server.xyz scripts.nsn-server.xyz — Cisco Umbrella Rank: 290008	155 KB
0	pinnacle.com Failed www.pinnacle.com Failed
216	40

	Domain	Requested by
25	portaldocolorado.com.br	1 redirects portaldocolorado.com.br cdn.pn.vg
24	pagead2.googlesyndication.com	portaldocolorado.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
16	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
14	www.googletagmanager.com	portaldocolorado.com.br www.googletagmanager.com tags.t.tailtarget.com
13	cdn.revjet.com	ads.revjet.com srcdoc
13	tpc.googlesyndication.com	portaldocolorado.com.br 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
12	s0.2mdn.net	portaldocolorado.com.br s0.2mdn.net 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com portaldocolorado.com.br www.googletagmanager.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	www.google.com	tpc.googlesyndication.com portaldocolorado.com.br
5	securepubads.g.doubleclick.net	portaldocolorado.com.br securepubads.g.doubleclick.net
4	4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.de	portaldocolorado.com.br
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	c.nsmedia-advertising.com	scripts.nsn-server.xyz
3	pix.revjet.com	srcdoc 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
3	ad.doubleclick.net	1 redirects 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com srcdoc
3	www.googletagservices.com	portaldocolorado.com.br
3	ad.vsrv.media	portaldocolorado.com.br ad.vsrv.media 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	cdn.pn.vg	portaldocolorado.com.br cdn.pn.vg
2	b1.trickyrock.com	1 redirects c.nsmedia-advertising.com
2	onetag-sys.com	1 redirects 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.revjet.com	4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com ads.revjet.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-9964-3.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	portaldocolorado.com.br d.tailtarget.com
2	d.adtriba.com	1 redirects 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	portaldocolorado.com.br
2	oajs.openx.net	1 redirects portaldocolorado.com.br
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	portaldocolorado.com.br
2	cdn.taboola.com	portaldocolorado.com.br cdn.taboola.com
2	tracker.myth.dev	portaldocolorado.com.br tracker.myth.dev
2	fonts.googleapis.com	portaldocolorado.com.br 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
1	www.bwin.de	c.nsmedia-advertising.com
1	info.nsmedia-advertising.com	scripts.nsn-server.xyz
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	www.facebook.com
1	s.ad.smaato.net	4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	r.turn.com	4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	portaldocolorado.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	call.cleverwebserver.com	portaldocolorado.com.br
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ui.cleverwebserver.com	portaldocolorado.com.br
1	scripts.cleverwebserver.com	portaldocolorado.com.br
1	tags.t.tailtarget.com	portaldocolorado.com.br
1	scripts.nsn-server.xyz	portaldocolorado.com.br
0	www.pinnacle.com Failed	c.nsmedia-advertising.com
0	ade.googlesyndication.com Failed	securepubads.g.doubleclick.net
216	66

This site contains links to these domains. Also see Links.

Domain
fb.me
www.instagram.com
youtube.com
www.tiktok.com
twitter.com
www.facebook.com
t.me
wecel.com.br

Subject Issuer	Validity	Valid
ipv6.portaldocolorado.com.br R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
myth.dev E1	`2023-11-01` - `2024-01-30`	3 months	crt.sh
scripts.nsn-server.xyz Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
pn.vg GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ad.vsrv.media R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-01` - `2023-12-30`	3 months	crt.sh
nsmedia-advertising.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
affiliates.kindredplc.com Trustwave Organization Validation SHA256 CA, Level 1	`2023-08-17` - `2024-08-16`	a year	crt.sh
*.bwin.de DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-27`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://portaldocolorado.com.br/
Frame ID: 27FF3F588A756216ADD85398AF7E0A25
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: FDB8660D4FF602FC9857CC2EC3BC81FD
Requests: 1 HTTP requests in this frame

Frame: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E913808615E4FBED2852FC0342B094D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1703269614&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A192%2C2%3A192%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=https%3A%2F%2Fportaldocolorado.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703269614500&bpp=2&bdt=695&idt=259&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4433710578867&frm=20&pv=2&ga_vid=769172855.1703269614&ga_sid=1703269615&ga_hid=75199601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080104%2C42531705%2C44798934%2C44809003%2C95320884&oid=2&pvsid=3634900500930897&tmod=1795284750&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: F4C6D364B2AB9008E853CBEE04075D2A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldocolorado.com.br
Frame ID: EEBA87895EA86ADA8F0050C2AA0D723A
Requests: 2 HTTP requests in this frame

Frame: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B9E114DC1BBB00704B9AD8B02A399D0
Requests: 3 HTTP requests in this frame

Frame: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 440F204C54D793068FAAEF6166AB943A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Frame ID: 35B3FC0AA92A6E7CB85F4EB88F607828
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYj-_M-QEwAQ&v=APEucNUmJOXGTyBjgxBIxjEJTUZDy-uMBCcI2W0pnok8fXkWEtDVnNsR_UNPBzSZ_DnQ_uiPDky5D2O4PZ1BndDoAVaNNIm7XvZbWIF52hhEuRXacb-YR2BahhVda8wrUZhwR-5cNp5moXSiXbMH27fRDJet67Sl-2lHsaa0Xkoz3PiKJAHP7B8
Frame ID: DBB939F262D7062DB9BD390375DA5CED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F675E53E709D1A3B104A0BCD8B5599B2
Requests: 18 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B199F0C13ABCD8875CE5D21ADA0D85D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9D1EE9379D72FA1D019A07C0079E6361
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
Frame ID: 0BE2BB4DF66A00C8428DEEFBC202B061
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A493BC1B536DA2DE67E628CF7D7665F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F374E0E6142C4CA33A11B940617A332
Requests: 2 HTTP requests in this frame

Frame: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 140D5E72EEB2A36B23CCCB657185BA31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNWeNjmvn6UBqV1p47scM4kh4wVO38Cp9tRUJv8E2xh6jZ8kRVUH0lzxywKlQiMaqy4Cfg57oRESo3TvCHpXp-sZ52X79HmKD_PtwYTYNt7FpbfsFS8V1tQ5ozCGh1xuzqUJnL0SMoOzhCJpnZeaisf8enXsia4AcuMCkC8cyAglMZgtfpU
Frame ID: 98F4602FFDE4E06E272749848C13A066
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 877FDAD01EE930A866E074013CCD6CA4
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BF13308274FDFAADF167576EA10244B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 55F4998CEA6D387CB83C2D7FD4FEBDC1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
Frame ID: F0736C0A6A1D47AE228303CE7B368E93
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: E1D9837A845688450F8829D66DD38CFC
Requests: 15 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Frame ID: 7642369F4FBB06059BC20A9F98D7D1A3
Requests: 1 HTTP requests in this frame

Frame: https://b1.trickyrock.com/btag=81765197_85632373F67C433FB63211A56CFEFDD4
Frame ID: FABD3A6DCA3F706B2AE0E8F6FF804447
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Frame ID: C3BAAA57BEFDF5C89D066E1E7E34151B
Requests: 1 HTTP requests in this frame

Frame: https://www.bwin.de/en/mobileportal/contact?wm=5322937
Frame ID: E25D9C1323E40F75492DBD0F9A1D3671
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/pinnacle/DE?l=906248c8-82d0-4af4-9b4a-2214bf41575e&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly93d3cucGlubmFjbGUuY29tLz9kdmM9ZCZidGFnPWFfMjgzMzhiXzE2NTgxY18mcmVmZXI9WEFGRjU5MDU=
Frame ID: 46E048445A4DF21C5BB40A361FE20C22
Requests: 1 HTTP requests in this frame

Frame: https://www.pinnacle.com/?dvc=d&btag=a_28338b_16581c_&refer=XAFF5905
Frame ID: 04BFDF6C1DF8208F51DACCA40FCF0082
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal do Colorado - Notícias do Sport Club Internacional

Page URL History Show full URLs

http://portaldocolorado.com.br/ HTTP 301
https://portaldocolorado.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

216
Requests

89 %
HTTPS

50 %
IPv6

40
Domains

66
Subdomains

48
IPs

9
Countries

4266 kB
Transfer

12038 kB
Size

60
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://fb.me/portaldocoloradointernacional
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portaldocoloradooficial/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCM1nPkI8N3TKaP2ffwNuJ2w?sub_confirmation=1
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@portaldocolorado
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://twitter.com/_portalcolorado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/portaldocolorado
Title: Grupo do Facebook

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/DqdtMdmbHfIzMDMx
Title: Grupo do Telegram

Search URL Search Domain Scan URL

URL: https://wecel.com.br/anuncie-wecel/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://wecel.com.br/fale-conosco/
Title: Contato

Search URL Search Domain Scan URL

URL: https://wecel.com.br/trabalhe-conosco/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://wecel.com.br/politica-de-privacidade/
Title: Privacidade

Search URL Search Domain Scan URL

URL: https://wecel.com.br/comunicar-erro/
Title: Comunicar Erro

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portaldocoloradointernacional
Title: Facebook

Search URL Search Domain Scan URL

URL: https://wecel.com.br/termo-de-uso/
Title: Termos

Search URL Search Domain Scan URL

URL: https://wecel.com.br/politica-de-cookies/
Title: Cookies

Search URL Search Domain Scan URL

URL: https://wecel.com.br/termos-de-servicos-rss/
Title: RSS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portaldocolorado.com.br/ HTTP 301
https://portaldocolorado.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp&cc=1

Request Chain 77

https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldocolorado.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldocolorado.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MVEeOXxWYXo5UWl2d0lUN0h0b3dlM2R3aFJ6NHd3MXZtbjJVZGlMdzI0SXp2dnBtTkpRbDNtRXJneS9Id1p4SUl1cTUzMmVUZkc1RTlIVmVYZHAyY0w0RzRld1BkT1NsTENFZlorazVWR2hHYlFnR0xHbEQzWlIrZC9oOHpBTnJPOVJBb0QzdGEzL2g4OTV4TXl3MFk0emdjMmtYb0podDFZN2RXdXVVeVQvek42MDM0NHJNSVpwWWdZeVJ5SDZodzlKZ0lOWUVMUVducE1Oc040SGNjVFUrQ2x0cnRoYmg5ektSMXduZzU4Y09kQzFhOG9zODhRdTJodGxYc0lzWUpzQitad2hjaStsMWhZUnhaN0daZzJRMDNWaGNOZkpISWwydjk4aDA3Y25WZmhiQnlxd3dtRVQxRHJmQnpWVCtNV3JXY3w&cppv=2

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1&C=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYXU79osQauLkBJje0ee5QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzqqmf6FJqMqYbIsfmVZOA%26google_cver%3D1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkxMzk1MzYwOTAyMzIxNzA1Mw%3D%3D

Request Chain 111

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_test_377574356&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYXU79osQauLkBJje0ee5QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1

Request Chain 165

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTM1MTI1OTE1OTc1ODQ1MjA5

Request Chain 175

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1&google_push=AXcoOmQG1dp5fKH9T64y6FZQ7e3Q9JoOvcj6_qgs7TtgpPR-zW-StTikgmFIKVVPhBeUzUjw2atWkFxHefGCKXmxdZ3Rn775wyJVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyOTU0MTQ2NTUyMDI2ODE3Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1

Request Chain 176

https://d5p.de17a.com/cookies/google?google_gid=CAESECUkoksGme88nfXclX4sFfo&google_cver=1&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECUkoksGme88nfXclX4sFfo&google_cver=1&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q

Request Chain 177

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJfuuLYX7h1kVsZEOE2xoyA&google_cver=1&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFmYR1E2CUhTDTUoY8xTDki HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJfuuLYX7h1kVsZEOE2xoyA&google_cver=1&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFmYR1E2CUhTDTUoY8xTDki HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3NjY1MzI0NDkwMzg0MDE0MQ&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFmYR1E2CUhTDTUoY8xTDki

Request Chain 178

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_cver=1&google_push=AXcoOmQdvI0G9MXlLPB6oz6QYhqVbf-igiIC8tYZoef2aNde-mcF6Nb8_4g27ywJJ7SvaI-jzl3JjfJrSTsE4IF1iZVIgm7-q1UB4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_hm=ZYXU79osQauLkBJje0ee5QAADTkAAAIB&google_nid=index&google_push=AXcoOmQdvI0G9MXlLPB6oz6QYhqVbf-igiIC8tYZoef2aNde-mcF6Nb8_4g27ywJJ7SvaI-jzl3JjfJrSTsE4IF1iZVIgm7-q1UB4w

Request Chain 180

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOyadDziUgrD3Hx00wEcHFg&google_cver=1&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH5zA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH5zA&google_gid=CAESEOyadDziUgrD3Hx00wEcHFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDQyNjQwMzkxNTYyNDEyOTc2NA%3D%3D&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH5zA

Request Chain 181

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM03PEEW7vftQ53qm9aLnB4&google_cver=1&google_push=AXcoOmSU1rruX8e8tc7H73glB_JHTiaQvQVaVJtVGkUAUbmQ2hSB1nPdy3Y20jkAmI_KVw9LvgqfJWt9zFyB0fa2hav66cwtToHI4DY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSU1rruX8e8tc7H73glB_JHTiaQvQVaVJtVGkUAUbmQ2hSB1nPdy3Y20jkAmI_KVw9LvgqfJWt9zFyB0fa2hav66cwtToHI4DY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOje6CJ74EQeoMlGW5PX-0g&google_cver=1&google_ula=862479430,0

Request Chain 201

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1703269616638 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CIyn2OPVo4MDFUmZ_QcdqZ0B_g;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1703269616638

Request Chain 210

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664 HTTP 307
https://b1.trickyrock.com/btag=81765197_85632373F67C433FB63211A56CFEFDD4

216 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portaldocolorado.com.br/
Redirect Chain

http://portaldocolorado.com.br/
https://portaldocolorado.com.br/

207 KB
56 KB

959ms
678ms

Document
text/html

2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed / PHP/8.1.17
Resource Hash: 92f38dea59de2f16088eedb2be7a7629b2929301be48781e85d32b60209746b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 18:26:53 GMT
etag: "527751-1703269613;br"
link: <https://portaldocolorado.com.br/wp-json/>; rel="https://api.w.org/" <https://portaldocolorado.com.br/wp-json/wp/v2/pages/194>; rel="alternate"; type="application/json" <https://portaldocolorado.com.br/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 998_HTTP.200,998_front,998_URL.6666cd76f96956469e7be39d750cc7d9,998_F,998_Po.194,998_PGS,998_,998_MIN.5a968ca8b83f2dff66e81edb8866e61c.css
x-powered-by: PHP/8.1.17

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 18:26:52 GMT
location: https://portaldocolorado.com.br/
server: LiteSpeed
x-litespeed-cache: miss
x-powered-by: PHP/8.1.17
x-redirect-by: WordPress

GET
H2 200 5a968ca8b83f2dff66e81edb8866e61c.css
portaldocolorado.com.br/wp-content/litespeed/css/ 1 MB
149 KB 147ms
144ms Stylesheet
text/css 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/litespeed/css/5a968ca8b83f2dff66e81edb8866e61c.css?ver=00d45
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1a6785aa7c847592abd5f5e6ac5e6eb90bafcbea6cecd1f25deef134f7310a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
last-modified: Mon, 18 Dec 2023 12:41:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 152767
expires: Sun, 22 Dec 2024 00:26:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 89ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d31b78c38c24f9751223f23da3dcf46142234f5f60ae812b6327e9e5a162ef7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51671
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 89ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:26:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 18:26:53 GMT

GET
H2 200 frontend-gtag.min.js Show response
portaldocolorado.com.br/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
3 KB 143ms
141ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.16
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 53d4114fbd4b94de008401dc1381e75046f8273032b270dc1879dfd2d3ff8ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 15:24:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3062
expires: Sun, 22 Dec 2024 00:26:53 GMT

GET
H2 200 jquery.min.js Show response
portaldocolorado.com.br/wp-includes/js/jquery/ 85 KB
29 KB 143ms
142ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 13:46:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 29502
expires: Sun, 22 Dec 2024 00:26:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
portaldocolorado.com.br/wp-includes/js/jquery/ 13 KB
5 KB 144ms
142ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 13:46:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4671
expires: Sun, 22 Dec 2024 00:26:53 GMT

GET
H2 200 seo-automated-link-building.js Show response
portaldocolorado.com.br/wp-content/plugins/seo-automated-link-building/js/ 493 B
306 B 144ms
143ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=6.3.1
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:53 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 00:44:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 251
expires: Sun, 22 Dec 2024 00:26:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 136ms
78ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222cc41865899f54d1766b174b5fbb28ad57109b6fd9e5096344b8639d389d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29319
x-xss-protection: 0
server: cafe
etag: 286 / 19713 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 worker.js Show response
tracker.myth.dev/js/ 1 KB
1 KB 90ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.myth.dev/js/worker.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 22 Dec 2023 12:58:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg09wr4GTPfL%2BqiXFU5YMs3kIcjj0xTLp9xVkAKzk%2BGzwsOBWV0umh8s5jk3ifQN6iv0aXfLPYbXboILienU2mJ4B6MZcisDO747uotVFpE3muonvtN4yVK245GX760FB5FeTcMOibiiDZ869qg9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 839a6a717d50bbdd-FRA

GET
H2 200 5377ff0f0f7d7c74680c2920cf8beda3.js Show response
scripts.nsn-server.xyz/js/ 448 KB
155 KB 131ms
33ms Script
application/javascript 2600:9000:2204:d000:1:825a:8300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.nsn-server.xyz/js/5377ff0f0f7d7c74680c2920cf8beda3.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:d000:1:825a:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2535850be8318ff6ac726594b988a01a7797680e1a3806738f43f45a6df481ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:10:00 GMT
content-encoding: br
via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 11:28:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 38887
x-amz-server-side-encryption: AES256
etag: W/"cc5aa9f7484edc78081c3148467ae8c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VlZnnAxV8l8J4C6NgzFwBbPDHF4m1BVTHklD-5DbzYxc2V4YASjzbQ==

GET
H2 200 c51b555f-39a0-4887-ab50-6aa61ba43acf.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 99ms
40ms Script
text/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/c51b555f-39a0-4887-ab50-6aa61ba43acf.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc24554d764cc2c889a1ce7585f1cd2860f0977d8e7ba6e0938a441d2256751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:58:08 GMT
server: cloudflare
etag: W/"9874ca0dcddecc57589e674f5c978947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2ur20phiSNUpy4EyceDZkDue26%2FZVh31hnge20m0yRqzUTrqLuE7epl%2FZcNNBRbMSgPFo8bDi9oBT65rWRblgrny3r2m3eTWylGdzoV%2BLhKcw6o1GfSB%2B2ttK1yMhBj9nbjaJ%2F7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 839a6a719b3a9060-FRA
x-amz-cf-id: S1TX1k6ni2-Q4YdTeMN1PTAxtRbKI2QUVbd8bXVmUb4HIXPGRcfEmQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
51 KB 126ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87c3f7e40ca17efea83f04790d4433e2d2c92988aeb5eb932fc837f2354abe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Origin: https://portaldocolorado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52126
x-xss-protection: 0
server: cafe
etag: 18269925031066300978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-11

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e3facc77bad4927bc0d9ffc3e0fc11b0f9710609141472bb3155e423ff5877e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JPC9Z9P3G

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e80b19b6cab66f1628cb036a8d49bafd68cdc8a89aa867d4f11fd72fb2f50cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 frontend.min.js Show response
portaldocolorado.com.br/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
5 KB 415ms
414ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
last-modified: Wed, 07 Dec 2022 22:01:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5161
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H2 200 js_composer_front.min.js Show response
portaldocolorado.com.br/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
5 KB 416ms
415ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.13.0
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f868a810ac6e54ae51ccf2828f623337fb99036eb64d73a7a517f7534297b3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
last-modified: Wed, 24 May 2023 14:16:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5345
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 eb16d0a74ef7be3a68e2131a8e7d87ec.js Show response
portaldocolorado.com.br/wp-content/bs-booster-cache/ 247 KB
69 KB 139ms
138ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/bs-booster-cache/eb16d0a74ef7be3a68e2131a8e7d87ec.js?ver=6.3.1
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a4fbdbc1913690de5238470049e0baece17dcba47aa30c95e1b84b9d2dde5805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
last-modified: Thu, 30 Nov 2023 19:35:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 70157
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
61 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGRDVNP

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

415633abe775b5b0dd5deaf626a5e14cb4184328aa004bad66c88c95df3e6960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62126
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 100ms
100ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JPC9Z9P3G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08ef8089f069fa8bc17173e97efb724e2282125d71214a1c098cbde6dfcc4388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 17:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2317
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Dec 2023 19:48:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
53 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHDL5GM

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3d53d514151dd5903f70536ac86fa896cf77e7237be24232d6782997d07eb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53851
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/portaldocolorado-network/ 535 KB
58 KB 172ms
92ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45dbccb6e66e7e8fd25ded2574f81e9b2ac736170e8f30bcb80650436b9fd61f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: aYsqslfDYr97T08zNHjBn0ATGYhOwZl_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 22 Dec 2023 18:26:54 GMT
x-amz-request-id: TSTY1RPG1FPCAMB8
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 26
x-amz-replication-status: FAILED
content-length: 58368
x-amz-id-2: MeKgNKUiHHiS2sojNRht0hMl3+z+kBgmbcl5jCnLuqukG+lZ+3rcqc/DnvnsZA2BAwcgAKUOSLw=
x-served-by: cache-cph2320039-CPH
last-modified: Fri, 22 Dec 2023 18:26:54 UTC
server: nginx
x-timer: S1703269614.372048,VS0,VE52
etag: "64b0979c6d74fa773e30b87b623a1ac45e2f7055"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 26
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK de60dbca-17d3-444e-9cf4-e4f3af2ba493
https://portaldocolorado.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portaldocolorado.com.br/de60dbca-17d3-444e-9cf4-e4f3af2ba493
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 102ms
30ms Script
application/javascript 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 05:41:26 GMT
content-encoding: gzip
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 45933
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -fMhlzfChvHM8C15yM3qjokzFVaeIsFIgJ9-gTra6yQG1ml6rSF3NA==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 78ms
23ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:57:26 GMT
content-encoding: gzip
via: 1.1 google
age: 5368
x-guploader-uploadid: ABPtcPp5ofdlO4FH-Zri40_PmVyBVSMLlK_u9dkxbdvv3fuhjK7ls2orsOUQti-Cn5BRszh7Hf7Yzx749g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21234
last-modified: Wed, 13 Sep 2023 13:22:21 GMT
server: nginx/1.8.1
etag: "13721cc7c233ffe3299c16c1f82c8394"
vary: Accept-Encoding
x-goog-generation: 1694611341874847
x-goog-hash: md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21234
accept-ranges: bytes
expires: Fri, 22 Dec 2023 18:57:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-11&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5385a2b13dd93aa8b41ee8ff3113ff73e2d50f688b665dfa24f2ea1779220c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 f3080aa38ed82ae4810217565ece7706.js Show response
scripts.cleverwebserver.com/ 131 KB
48 KB 101ms
38ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/f3080aa38ed82ae4810217565ece7706.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612b427a81b19d61e9f794ba2bce0ab551ab170ec440bd7d26677b6bcbb7c83b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
x-amz-version-id: dXrvg9cRw.lTV17E3OUd4OJDOYl_aloV
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 15:50:36 GMT
server: cloudflare
x-amz-request-id: KFZSTHAY8M8YDARP
age: 1550
etag: W/"a205ebf9eb27089da26e17d63a37c937"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 839a6a71beb89b71-FRA
x-amz-id-2: 2h7RYj+GextHERskHtkqnwfc09ulRpgGM1rpcj7SXtNd9LwuOwOWRGi/xaZBVN+Qtir9duDHp1o=
expires: Fri, 22 Dec 2023 18:56:54 GMT

GET
H3 200 coudet-1-750x430.webp
portaldocolorado.com.br/wp-content/uploads/2023/12/ 38 KB
38 KB 141ms
141ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/12/coudet-1-750x430.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bf23ba333203cb0ad4b8ffa45fcdb8568cc8e7f56d06cca2ee23a7753ce34f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Tue, 12 Dec 2023 20:26:31 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 38784
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 gremio-rebaixado-torcida-gremio-gremio-rebaixado-10122021001923508-279x220.jpeg
portaldocolorado.com.br/wp-content/uploads/2023/03/ 18 KB
18 KB 379ms
378ms Image
image/jpeg 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/03/gremio-rebaixado-torcida-gremio-gremio-rebaixado-10122021001923508-279x220.jpeg
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 15b691c2e632de06f173ead6b48ec48f568c32ac5237fa326da29bbb61cbbfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Mon, 20 Mar 2023 12:26:36 GMT
server: LiteSpeed
vary: Accept
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 18786
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 Suarez-Gremio-1-3-279x220.jpg
portaldocolorado.com.br/wp-content/uploads/2023/07/ 13 KB
13 KB 416ms
415ms Image
image/jpeg 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/07/Suarez-Gremio-1-3-279x220.jpg
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: db8fa4215453eebecbbd88a7d200767bbb66358b416785efba793a40a41974b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 28 Jul 2023 16:52:21 GMT
server: LiteSpeed
vary: Accept
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 13093
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 99433812_es-rio-de-janeiro-rj-02-06-2022-campeonato-brasileiroserie-bvasco-x-gremioem-sa-279x220.jpg
portaldocolorado.com.br/wp-content/uploads/2023/12/ 14 KB
14 KB 425ms
424ms Image
image/jpeg 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/12/99433812_es-rio-de-janeiro-rj-02-06-2022-campeonato-brasileiroserie-bvasco-x-gremioem-sa-279x220.jpg
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e474756dd68106a97d0b0e1f65b546346399379e8854f2f9f350bcc517485263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 22 Dec 2023 14:16:53 GMT
server: LiteSpeed
vary: Accept
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 14072
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 athletico-paranaense-divulgacao-848x477-1-279x220.webp
portaldocolorado.com.br/wp-content/uploads/2023/12/ 15 KB
15 KB 417ms
416ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/12/athletico-paranaense-divulgacao-848x477-1-279x220.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 24e3591a56b8a1eb15ea6334f1231f656c0e5897aeb37b10e8718ca7865486da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 22 Dec 2023 14:30:48 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 15000
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 paolo-279x220.webp
portaldocolorado.com.br/wp-content/uploads/2022/06/ 8 KB
8 KB 419ms
417ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2022/06/paolo-279x220.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 971024fcabbed34f43dce04ea68405f93c7c077c9d402d0e3c64317028f55d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Wed, 15 Jun 2022 17:14:02 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 8568
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 b675ffa882af8d7c959e0a194dd87f10b2669404-279x220.webp
portaldocolorado.com.br/wp-content/uploads/2023/12/ 12 KB
12 KB 420ms
420ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/12/b675ffa882af8d7c959e0a194dd87f10b2669404-279x220.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ef1da5335bc498712116acbcdfd66674e07b39dd66d65177de7a6b8c548b3cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 22 Dec 2023 13:04:14 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12444
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 gremio-jb-filho-1-750x430.jpg
portaldocolorado.com.br/wp-content/uploads/2023/07/ 38 KB
38 KB 426ms
425ms Image
image/jpeg 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/07/gremio-jb-filho-1-750x430.jpg
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5ac47a193e449e746582c8675ca17677fd7b87ad8e99bac259a693e278029b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 28 Jul 2023 14:42:41 GMT
server: LiteSpeed
vary: Accept
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 39173
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 interr.jpg.webp
portaldocolorado.com.br/wp-content/uploads/2021/09/ 49 KB
49 KB 429ms
428ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2021/09/interr.jpg.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 03fc48c7c742ed50bf4e82ec9e205bed0f2ac080baf4d691fb3c40c1f690c49a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Tue, 22 Mar 2022 21:59:26 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 49880
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 rafael-borre-750x430.webp
portaldocolorado.com.br/wp-content/uploads/2023/12/ 26 KB
26 KB 421ms
420ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/12/rafael-borre-750x430.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f5cd36ecbfc9bb345e326d65a5bc3f899de2633b0f1ca50e6706684ef65e6539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 08 Dec 2023 11:46:44 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 26812
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H3 200 renatoo_x3x_crop1631276684535.jpg_242310155-750x430.jpg
portaldocolorado.com.br/wp-content/uploads/2023/11/ 32 KB
32 KB 427ms
426ms Image
image/jpeg 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2023/11/renatoo_x3x_crop1631276684535.jpg_242310155-750x430.jpg
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 309cbbab863da6d93fa4a6b1e9b2e71e7dd9fb22ab803d71c1e2f19feef0883d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 24 Nov 2023 10:43:19 GMT
server: LiteSpeed
vary: Accept
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 32917
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 77ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldocolorado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:34:04 GMT
x-content-type-options: nosniff
age: 348770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:34:04 GMT

GET
H3 200 fontawesome-webfont.woff2
portaldocolorado.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 263ms
262ms Font
font/woff2 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/wp-content/litespeed/css/5a968ca8b83f2dff66e81edb8866e61c.css?ver=00d45
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://portaldocolorado.com.br/wp-content/litespeed/css/5a968ca8b83f2dff66e81edb8866e61c.css?ver=00d45
Origin: https://portaldocolorado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Sun, 05 Sep 2021 18:41:33 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 77160
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldocolorado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 348529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:38:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
portaldocolorado.com.br/wp-includes/js/ 18 KB
5 KB 583ms
583ms Script
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
last-modified: Thu, 04 May 2023 14:49:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4605
expires: Sun, 22 Dec 2024 00:26:54 GMT

POST
H3 202 event Show response
tracker.myth.dev/api/ 2 B
526 B 182ms
130ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.myth.dev/api/event
Requested by: Host: tracker.myth.dev
URL: https://tracker.myth.dev/js/worker.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://portaldocolorado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwN%2BxAEan12rNIQQNgrrlHE8aMShvBki7PRAzzxg%2BvR93wgn2tIes6FG7bIzRLjjs8UCqt%2FodQ7pe6BDcrmsLbe9VMmu26kmLECD%2B0%2BN6%2BPPjsyqvXa4FYTNAJ9GzSP8eALoWRRY%2FG4pgxfWkI8o"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 839a6a71fce25d6b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F6M6sKQ0mhv3IRNaNH5D

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=75199601&t=pageview&_s=1&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2086891717&gjid=352579034&cid=769172855.1703269614&tid=UA-192628768-1&_gid=299880378.1703269614&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=2129314335

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldocolorado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=75199601&t=pageview&_s=1&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1140752709&gjid=13738773&cid=769172855.1703269614&tid=UA-192628768-1&_gid=299880378.1703269614&_r=1&_slc=1&gtm=45He3bt0n81PHDL5GMv843747324&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=356690422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldocolorado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

261c01ae55738d38d2f781b8b1479b5180b1708ee7dae51bb4d5dda1a0c9ae1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91505
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 18:26:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=75199601&t=pageview&_s=1&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=583897106&gjid=42672400&cid=769172855.1703269614&tid=UA-192628768-11&_gid=299880378.1703269614&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=1245985212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldocolorado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 237 KB
63 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/c51b555f-39a0-4887-ab50-6aa61ba43acf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20c6a72bf6f42933559c5d3bbfd936b6c3988b7d490b7eeb611c3088097a708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
via: 1.1 3a5e4105e7e14b13dcdcd3f0d9062fa0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
age: 4345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 17:14:14 GMT
server: cloudflare
etag: W/"cfd8cf39a7624b93150bf7bcbbd9926a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEfiNiOVqd%2FudwbJopWXbyLGf6PYPhtkfS0%2B%2F0zRUv9m4%2FHtG9fTlGuXj%2BozxBr2Dt9LvjTc0oNT7L0xWMQ5pvAdibGb53rrTAvK%2BCGP0v5BEKZ2UQwLAjUgToVH99E3INUDcyXYhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 839a6a725c3f9060-FRA
x-amz-cf-id: KbTbC0qoQ0uFxPpHLrR6A3BmUSg0FEqOJpd-FvH37KYYfwSRcpxP8Q==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 79ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JPC9Z9P3G&gtm=45je3bt0v882341509&_p=1703269613824&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=769172855.1703269614&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703269614&sct=1&seg=0&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&en=page_view&_fv=1&_ss=1&tfd=2003
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JPC9Z9P3G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29234
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 10:19:40 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 36ms
35ms Image
text/plain 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703269614480&ns_c=UTF-8&c7=https%3A%2F%2Fportaldocolorado.com.br%2F&c8=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&c9=
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: mQR80UcYjqoM3BfNN8hg3qIGledK-U9ij4VX-3R-pF-uyIBP73yiag==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
ui.cleverwebserver.com/ 157 B
380 B 73ms
52ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c8a5073a4309961fa85c94b0c0786888b818ad9cd22c328d942cddbf42abe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 839a6a72b8349b71-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 142ms
95ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldocolorado.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22dc6e8f6313283486196a2ec8befda54a3f751658ba2d2e6a1fe715497d4f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 3141163818065561087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:54 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame FDB8 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 00:19:35 GMT
etag: 5585625838579639069
expires: Fri, 05 Jan 2024 00:19:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load.js Show response
pm-widget.taboola.com/portaldocolorado-network/ 3 KB
1 KB 401ms
401ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/portaldocolorado-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: sfD1JschBRuBTXTESjhXjM97e2Bmfh6U
content-encoding: gzip
via: 1.1 varnish
date: Fri, 22 Dec 2023 18:26:54 GMT
x-amz-request-id: KHMZGQ2CXS6C8509
age: 0
x-cache: MISS
content-length: 1144
x-amz-id-2: PZHLWmr0lcKexQE3Cg/US9pAHf0zsRm/rqywNFf3y/PbrbPz0oUrMDj3WQfLHUe8/BWX6uNduQ4=
x-served-by: cache-cph2320039-CPH
last-modified: Tue, 03 Oct 2023 04:45:58 GMT
server: AmazonS3
x-timer: S1703269615.586611,VS0,VE361
etag: "ee37256a778c03e55a2eaddf126931d9"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20231221-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 828 KB
172 KB 41ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vNZAYZ60TOWTB9Ads6U8C7BOy9GG6RmI
content-encoding: br
via: 1.1 varnish
date: Fri, 22 Dec 2023 18:26:54 GMT
x-amz-request-id: ZZJQ39G286FBJEYD
age: 317
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 175420
x-amz-id-2: zjvQF2SpgoCZfCFKVWRDEZg3En5Z8khmdCaBrM5mn+RoXCYpGfRG3f86e/6ju1cPtudcB7Hy1Vg=
x-served-by: cache-cph2320039-CPH
last-modified: Thu, 21 Dec 2023 10:13:58 GMT
server: AmazonS3-br
x-timer: S1703269615.586620,VS0,VE0
etag: "2e5fc0835e8fbe3a1c0438d18f279d96"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 170

GET
H3 200 pushnews-sw.js Show response
portaldocolorado.com.br/ 62 B
103 B 141ms
141ms Fetch
application/javascript 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldocolorado.com.br/pushnews-sw.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Thu, 12 Aug 2021 14:11:51 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 62
expires: Sun, 22 Dec 2024 00:26:54 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N254Q8C0NW&gtm=45je3bt0v9101611689&_p=1703269613824&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=769172855.1703269614&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703269614&sct=1&seg=0&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&en=page_view&_fv=1&_ss=1&tfd=2137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 88ms
29ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N254Q8C0NW&cid=769172855.1703269614&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 323ms
49ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N254Q8C0NW&cid=769172855.1703269614&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1749796041

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 123ms
46ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:26:54 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 99ms
29ms Script
text/javascript 18.239.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-33.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 02aeb7f16c6c229502db31b43fb88506.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 51049
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: QX5Ig0wKh3863cKHx7eDvk-OUgQKfBZ4wtrfKwzcj6-NdLYm43Od3g==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 106ms
41ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 166892
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 839a6a73daaf6a76-TXL
expires: Mon, 25 Dec 2023 18:26:54 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 80ms
25ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:27:07 GMT
content-encoding: gzip
age: 1382387
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:27:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
22 KB 366ms
365ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634900500930897&correlator=312515570881864&eid=31080121&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortaldocolorado%2CPortaldocolorado_Interstitial%2CPortaldocolorado_Fixed&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1x1%2C1x1&ifi=2&didk=200559504~2879634051&sfv=1-0-40&ists=3&fas=8%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1703269614621&lmt=1703269614&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldocolorado.com.br%2F&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=769172855.1703269614&ga_sid=1703269615&ga_hid=75199601&ga_fc=true&dlt=1703269613804&idt=799&adks=2570936607%2C223257348&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96950ca278c32988d3c2b3036816db5fee252d71fe5e996c71be1ee1253826f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22691
x-xss-protection: 0
google-lineitem-id: 6418277891,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455036730,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E913 6 KB
3 KB 96ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:54 GMT
expires: Sat, 21 Dec 2024 18:26:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 39 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29362
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 9174524701941205614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 10:17:32 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 58ms
48ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=55200&c=DE&r=&l=140&b=Chrome&os=Win10&mob=0&v=1.60.10&ref=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 839a6a7399569b71-FRA
content-length: 43
content-type: image/gif

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 114ms
38ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 266811
expires: 60

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp&cc=1

85 B
194 B

140ms
139ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp&cc=1
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b1893412ff46c282d1768c2283eaadf4c504e46ffce1959c72ca00a72a9837fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-bzD3OpMX2R2XzRslwX9eu5VUvkI"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portaldocolorado.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 22 Dec 2023 18:26:54 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://portaldocolorado.com.br
location: /esp?url=https%3A%2F%2Fportaldocolorado.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
via: 1.1 b7f8e0880cd5f19b3036b75b021c1c76.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
age: 3530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVwxJi1K32a6GKdN%2FomSL4KjstVeaTzbiiDmSjJg%2F7GM7FTqvLhe9tddnvNQ3gQP40LQyFNtjhcXux3KfuYCYNkTgDumD6mcnjnPijUSnFpy%2BubP9gC7scbAjjS6WaGjYFGts%2F%2BRNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 839a6a744ee89060-FRA
x-amz-cf-id: 45BUp3Pd_VnjQ3EkbHfbYYAB2DVATxMNK3dMhNXDneLfZaChK_kbLg==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4C6 0
19 B 460ms
460ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1703269614&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A192%2C2%3A192%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=https%3A%2F%2Fportaldocolorado.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703269614500&bpp=2&bdt=695&idt=259&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4433710578867&frm=20&pv=2&ga_vid=769172855.1703269614&ga_sid=1703269615&ga_hid=75199601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080104%2C42531705%2C44798934%2C44809003%2C95320884&oid=2&pvsid=3634900500930897&tmod=1795284750&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldocolorado.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:55 GMT
expires: Fri, 22 Dec 2023 18:26:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logotipo.png.webp
portaldocolorado.com.br/wp-content/uploads/2021/03/ 5 KB
6 KB 139ms
139ms Image
image/webp 2604:4500:6:3e3::2
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldocolorado.com.br/wp-content/uploads/2021/03/logotipo.png.webp
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2604:4500:6:3e3::2 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cc5f10851fa104ce0a133616ab32692652961c6ebbdcbddd818ccb9e0e19609f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:54 GMT
last-modified: Fri, 16 Apr 2021 14:34:00 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5630
expires: Sun, 22 Dec 2024 00:26:54 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EEBA 14 KB
6 KB 42ms
42ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldocolorado.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 436183
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 151ms
45ms XHR
application/json 54.216.91.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.91.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ca91c6ac20b0b0a76f6a91b2c8034a8d0aa585270e4bc756a14b57755e2365a2

Request headers

Referer: https://portaldocolorado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache
x-server: 10.45.0.198
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EEBA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldocolorado.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldocolorado.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=MVEeOXxWYXo5UWl2d0lUN0h0b3dlM2R3aFJ6NHd3MXZtbjJVZGlMdzI0SXp2dnBtTkpRbDNtRXJneS9Id1p4SUl1cTUzMmVUZkc1RTlIVmVYZHAyY0w0RzRld1BkT1NsTENFZlorazVWR2hHYlFnR0xHbEQzWlIrZC9oOH...

449 B
671 B

40ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MVEeOXxWYXo5UWl2d0lUN0h0b3dlM2R3aFJ6NHd3MXZtbjJVZGlMdzI0SXp2dnBtTkpRbDNtRXJneS9Id1p4SUl1cTUzMmVUZkc1RTlIVmVYZHAyY0w0RzRld1BkT1NsTENFZlorazVWR2hHYlFnR0xHbEQzWlIrZC9oOHpBTnJPOVJBb0QzdGEzL2g4OTV4TXl3MFk0emdjMmtYb0podDFZN2RXdXVVeVQvek42MDM0NHJNSVpwWWdZeVJ5SDZodzlKZ0lOWUVMUVducE1Oc040SGNjVFUrQ2x0cnRoYmg5ektSMXduZzU4Y09kQzFhOG9zODhRdTJodGxYc0lzWUpzQitad2hjaStsMWhZUnhaN0daZzJRMDNWaGNOZkpISWwydjk4aDA3Y25WZmhiQnlxd3dtRVQxRHJmQnpWVCtNV3JXY3w&cppv=2

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f539e2439f9e7b83cbe7ba37ecee57d4272ff651b94fe94542b67166c47cee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1560215
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=MVEeOXxWYXo5UWl2d0lUN0h0b3dlM2R3aFJ6NHd3MXZtbjJVZGlMdzI0SXp2dnBtTkpRbDNtRXJneS9Id1p4SUl1cTUzMmVUZkc1RTlIVmVYZHAyY0w0RzRld1BkT1NsTENFZlorazVWR2hHYlFnR0xHbEQzWlIrZC9oOHpBTnJPOVJBb0QzdGEzL2g4OTV4TXl3MFk0emdjMmtYb0podDFZN2RXdXVVeVQvek42MDM0NHJNSVpwWWdZeVJ5SDZodzlKZ0lOWUVMUVducE1Oc040SGNjVFUrQ2x0cnRoYmg5ektSMXduZzU4Y09kQzFhOG9zODhRdTJodGxYc0lzWUpzQitad2hjaStsMWhZUnhaN0daZzJRMDNWaGNOZkpISWwydjk4aDA3Y25WZmhiQnlxd3dtRVQxRHJmQnpWVCtNV3JXY3w&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 309669
content-length: 0
expires: 0

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/portaldocolorado-network/ 102 KB
29 KB 122ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/portaldocolorado-network/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/portaldocolorado-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4

Request headers

Referer: https://portaldocolorado.com.br/
Origin: https://portaldocolorado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: S0NybznADyjC11u403KHG9NurTw2vaPs
content-encoding: gzip
via: 1.1 varnish
date: Fri, 22 Dec 2023 18:26:55 GMT
x-amz-request-id: RBN2YP3GQHPG6NCA
age: 746503
x-cache: HIT
content-length: 28803
x-amz-id-2: 1uP2SowjUP7TBHrr1OI0YAiuEtDFKLRYZyNP/oUvhadMI7HDrbtR+STX+DXLbq9+7zAi43XQT6U=
x-served-by: cache-cph2320045-CPH
last-modified: Tue, 03 Oct 2023 04:45:57 GMT
server: AmazonS3
x-timer: S1703269615.070658,VS0,VE1
etag: "202a4505b66371e8ab7943b4951f3b3a"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 container.html Show response
4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B9E 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:54 GMT
expires: Sat, 21 Dec 2024 18:26:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 440F 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:54 GMT
expires: Sat, 21 Dec 2024 18:26:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4B9E 4 KB
767 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 17:30:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 35B3 24 KB
7 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 852c1e577e0df83 Show response
ad.vsrv.media/deliver/js/ Frame 35B3 3 KB
1 KB 159ms
77ms Script
text/javascript 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vsrv.media/deliver/js/852c1e577e0df83
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: c0224051d3f8ea122f7c7c2ef44066f18d8c747ece6538b17f76ab843313376f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
cache-control: max-age=4149, public, s-maxage=3847
content-encoding: gzip
server: nginx
content-length: 1331
content-type: text/javascript; charset=UTF-8

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35B3 203 KB
65 KB 99ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4B9E 22 KB
9 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 02:25:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DBB9 624 B
246 B 66ms
65ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYj-_M-QEwAQ&v=APEucNUmJOXGTyBjgxBIxjEJTUZDy-uMBCcI2W0pnok8fXkWEtDVnNsR_UNPBzSZ_DnQ_uiPDky5D2O4PZ1BndDoAVaNNIm7XvZbWIF52hhEuRXacb-YR2BahhVda8wrUZhwR-5cNp5moXSiXbMH27fRDJet67Sl-2lHsaa0Xkoz3PiKJAHP7B8

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:55 GMT
expires: Fri, 22 Dec 2023 18:26:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F675 89 KB
31 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F675 3 KB
1 KB 73ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 13:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F675 20 KB
9 KB 69ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:13:30 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F675 203 KB
64 KB 132ms
86ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F675 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEw8xOWXF_gd248kJlYDqZx6SBVly7-hKAwFIyzz8IYDJlf1bbp0SsGr2epdXlsr7e4hlrSyv3fb69h_lW1IpfsibmpYdqvTGrxmiNEHyjAFwH3IM

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B199 199 B
298 B 85ms
30ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Fri, 22 Dec 2023 18:26:55 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DBB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1&C=1

43 B
336 B

72ms
71ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYj-_M-QEwAQ&v=APEucNUmJOXGTyBjgxBIxjEJTUZDy-uMBCcI2W0pnok8fXkWEtDVnNsR_UNPBzSZ_DnQ_uiPDky5D2O4PZ1BndDoAVaNNIm7XvZbWIF52hhEuRXacb-YR2BahhVda8wrUZhwR-5cNp5moXSiXbMH27fRDJet67Sl-2lHsaa0Xkoz3PiKJAHP7B8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyOKGPBFz%2BjgEDMoGQ5xsnC%2BPHp15t8YPjVLi5anyIykhDCvtkGf9IlAkG5nBI0jZVFLOXxeiwDXZWS2zuLTV86BE2G9WL5VLFDn61NNtktKM24idfi1wL5Jlsd7IbNwoUfpgLhhwkoZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839a6a780c3844f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuWdn5UB2QOVtgtHCNLc7w52OHWNYF%2Fptdnxl81Ha0odfaFNcsPfGb6qUoc%2FM68Sb%2FQ%2FtTLHNOCa%2BwQs1ZMyREmtSCFlOaDGWuOXOtE1jELyE9AASL0J%2FLGTwH6CeVROUyrDnNu%2FhzcIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 839a6a777b0844f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DBB9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYXU79osQauLkBJje0ee5QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

43 B
766 B

56ms
56ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYj-_M-QEwAQ&v=APEucNUmJOXGTyBjgxBIxjEJTUZDy-uMBCcI2W0pnok8fXkWEtDVnNsR_UNPBzSZ_DnQ_uiPDky5D2O4PZ1BndDoAVaNNIm7XvZbWIF52hhEuRXacb-YR2BahhVda8wrUZhwR-5cNp5moXSiXbMH27fRDJet67Sl-2lHsaa0Xkoz3PiKJAHP7B8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR6CqVguc3xjY9UIxM8bsk1rxQYO9qrHm0M9DXK3Ue8kNtqJOhatHkbQSOyRviOl5magjgxINTMeypkxeVBDExYtrmZeI84sSE49D9nZ%2BlqJc927IJ0FVsdE3hqvoy0tMKpDxE0iNnKlNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839a6a791a785902-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame DBB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzqqmf6FJqMqYbIsfmVZOA%26google_cver%3D1

43 B
896 B

32ms
32ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzqqmf6FJqMqYbIsfmVZOA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYj-_M-QEwAQ&v=APEucNUmJOXGTyBjgxBIxjEJTUZDy-uMBCcI2W0pnok8fXkWEtDVnNsR_UNPBzSZ_DnQ_uiPDky5D2O4PZ1BndDoAVaNNIm7XvZbWIF52hhEuRXacb-YR2BahhVda8wrUZhwR-5cNp5moXSiXbMH27fRDJet67Sl-2lHsaa0Xkoz3PiKJAHP7B8

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
an-x-request-uuid: 6ca075a3-e0d7-413c-95de-36f77df451a4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
an-x-request-uuid: bb82eb5d-3733-4537-b478-f6fb734b8363
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzqqmf6FJqMqYbIsfmVZOA%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkxMzk1MzYwOTAyMzIxNzA1Mw%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkxMzk1MzYwOTAyMzIxNzA1Mw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
an-x-request-uuid: 28719e6f-382a-4221-a90f-f5b1e1392b77
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkxMzk1MzYwOTAyMzIxNzA1Mw%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F675 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6986447155238&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F675 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6986447155238&version=m202309260101&ct=76&x=1&cor=6111787605161241000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F675 92 KB
38 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BojE4iEuBXIsMT2ia1lmmpwdNAWSgmGWEVnr-WSDA97gxoyyI95RgA5YKz6jXXkbUlz4crQ810NDNOoQqGZDw9BXyQ7qP7_9IQ4FBHtCzL4oCvPXY01nhG0hZ538v_9jsTxm3tJr4dgzx3enWisAGDgkfjMkqWxFWss4zponbFGnebJ6s&dbm_d=AKAmf-DPCQyjs-XmNF7dwlFO820zLkeh98aL5UQTn3Rzy7SgRC3y8jJSK3nJ5TMeDynlshJPYVDIKqbHn1Hc3oz6pDz1BLy5nYROtkTGxH10Lk_jqON3KsmrP-EMZli2BHHASBLYxjugMnuonhGJfe5ubROTrJtQfJXhybuOR5UFIGwdGVR0u4Q8VRZwijrcXUVDKD_R3OrOhlxHR4Gr9LRmQnDIEXtSv8LzeHq8RAe_kP65M4qt6F_BMy-g1SVqqXH8l5h8HCSi0aUYqyNYOwMZFmvvkqssMEhAgFox3aX5S6aYmPpoZJjt5NjdVqFMi27_v-LJq6ZqH05MPiDMJ0-MevGTX77o0C3kMbE2yAZoPe5bI6WCUbKul3bMulwDX6ldjjkpKBFXsqjBDeZUWY6JvG2k8HHibM02MQX0FkpGvLisr69yGSzXfj_BTX3lYPiUunQcYXP6Mqh9uZerayOTJpOTsWQ5ZHQXPdApZXJtV35U1lJvMh3EbwYHOftG4ujwkCBMycSR-tDeFxhMAGmWTTHKwsezihxcuxq8r641BYH8htehErNSIDX1yTBHf2iyxzZrnjMmCps18GgGcuHo4HrM2QkzL-eDPbwvCyMDYj7CTOym6iOHDgn5LYUxF6h4t27F_--XU5BL2LLMt_m8gr1ulO8gqtWjWx_nHJpJ6U77TsYjpeZaHIzBmP9fq1-bhgB2J7H-q-XB-gqBMefniinLwAKOhBqKw134SyPQb_yHezHwBX6ofDgOqzx_gD2_vrDlfCxh_KqnkE7nhIpWV6cG-RyIDSKIvRA39NWjrVzSuOItQFbronmqqDzabt_m3Bf3W55NFrPh9WsKHwhpRPP_YkBX6eM8n3Re-ou_Kuee7OAiQx0MdtbspKDzbVDbTuQIXo9udkZrIPry_93MRuXxLIltRiw4rOG9Ue_0Td1WxPf5adBjND3F280kGnPGJb0R7sroDESjwQwjdxL0xYZpkw4Ep8fA1zKhT7va0LmRcCr08lpkJ_KCSFEwCF1fMzVcbagn1e_-dlFZWsq9Ms4mXkJ3g76AvxEboEQeqS-_Qgu46J1ee31tYR9s6psAPK7SPc3lV37x4z829_edCMkVcxzWgkCqs7JoYdYLVTQrRn1SKmYsO_cCtvERtsmAS3nLl--UCvnoLbftK3rZYHNgc4oorwStCoBJ_EcrnZX61RpEkC3ul2i9_wQho02ayDBzXbVbvC_hV7f5pvkKTtFd_NoGKg2k8yHVmiyldKHSdrJLzcVtebVM6cVJkFUnvMBTTrhd3aLzXQbLJ6fmBBG38giQqHH2ZhqZBDUB0rOXS8qy2aMqMlSy0wC-M7TXU2GjGlahboHkqKDc3nsZTkuln1Hoj0j-xV9zVyebLpAaDIVVUZzVy7cTh1H0ofc5O4vADk7_xVFXmu1nJtRozV_BGONZ6nJjn-3sb1EM377BxfXKzKZsHrQ9m-OIqgVQt77QOAZn24eL78pt1K_ZZq5g-WwN-4UnE2t1-dLVg7hAyZKHpms8RyqMSdxaIKn3Gd3SAgdrc2J1ynZg6CH4ld72d9DVpen1n3wmNU6kQ65IK6zqBfhzqVNRfd1mcgGZgWE_Rul3_BdUe7WlHW10VNrSxNA841wjz1DW13gk0A2r3lizgU8SuS0pz6kVI1UISTpheDnqrBBgS-yvu40DxrwgLCT7Qkda56YQ9nvir_8rhfuLAaKLjNa0050YgOXbWba1ken3VmqE8XYm-SBnAMnKeKU1svRAn5Yzsndsnmy3WeNqCbA1LkIFZFyHp7PopN-4kUCq0LehBexf3F51n6jFMGI_WEh-jBYt4lEaLDq2XQIkTA_Tzh8RpR9ge8CKP3Sue9MDSrFHybwzy8ikHO93RzaQVr5V4EqzXJuzU7mI5BkyNXUzesslEugImK_Wbmxc9VG54D-ECJ0Hgl0VuWPvZgkE5lu92BHrfnQ0flM96-CUzxpO0_ufL2JAVPhUxy_rkONeNs03kVXLWfkZ7S2h5YrONksYsw7FuocvxXXDMa6dE_GBXA-k50-MgWv9FAiTmd0Owa1iNokpcm9d_r-J6hnFb8qXePsU3xIFFuQdghfWDirJ5_FUSa0h_romkmvwD2ssKePXwTpDx-7t5noN2LNw_Ec8wQuFF1kvctsU3cUg96BIwBGdGLkx6dA4tJuqikRG9cawp6tvPisXixLBe81HU14hdXvtJSWgsaK6-kAjKk-YK5X923mMxp6f-VB2wffQHgjucFi3y3gJegU6OQF-6LR9_pUUx6nL5ZH4QF_nlp0e5yo4GP57agezejeUcDZ2Q1g_aDJ89A90n9X4b2cXTPtXurI2Z-Xeei8NUHEQFNUkZmMAEVqyqYOSJ5VZHXO4j7GP2Z9WHR5E-muMGaaYfkRy6IstAzKjTf-q4BG_BwWlLIpD9IKYm9zrw9drk8f2YFplVovWnMs2JlzUd3-HliMeIqqsSU-yUIsI09nnCEG0QOyNKs3jkc_YoRkEfmNpXlh9Y-54-2xlcBPuU3YmkN9XV9oroLA3aT7KiK9OZ2R16lzJ6kDUdtAI_hy6MG21BAkjURavgfiUcMn6ifNtbG09COY7irtvQrQXVhs82Q39Yn9EDXIpCB98eNsHP6HxN8OZZ8Zk0YHp2z77s0Kw8c1ATsrjWPFKXGdTrnXw9OGwDXluW3XlLopYVMAne7TPNZZIzxm-tMowiOyd-KFPVIiSOygzlHsECHwEBRP3ny7bxCTO9VXXSvbIZACaDSqVGcoI25O0GxUAjLpqz_IIKgvF8I_0B_BnyeOrxqwhFmKJpQrlwbDS3Ci3ml7Ogi9R3nLTYu4SoXyfambFdLU2rmeUtspMrJv8Si_Tgwz_20bKpXIrE0GbsGKhKcPWhvobapQoJKqaoEF0nXt1zZfel_dWo6zoy-dgqpngHMcqTGwV7bMlw6Q53R_9nsVjtuyWS5ZMc4Dt7-whIRXlbcwEufa3uc3PXlAj7dL0FrcDGLzsZENqUU6NWoJQsWkLvRQhs9dNjhri8to6lYaT88-F7MGB6cYKqb8JkBAHgFS4aYpv9imqwv7XptoQWDD_ogvEmoDVgLwvvgZXFgRefxIeUoco3yq2ixJtrUjvMjpDcKOCdaAIGumnuvT3pBdEfK6dGFtbzhuW4TnQM1nflZvpdOyEv0W60AnyznUaVf8Dquw-Otsci6r8q6QLVCOQwAcxu6q9TKAq0rZp2dk3_zpQraiQUCaTplDSIL7MHb6vwc_jk4xDKPywGloJTw2Jnefw5bLyTCBTIV5UZucVhFkbEgD_Odhhc9NOcizkyPUdURzJXC7hKiTf75KXzAOyAPESRzcY0EHoKebm8JddxwmkMJnc5vGoF5mL8JIAGirp7f7iSxvxGxuyqi5e2t2RbMyA9tyx8DCNw4A7MFAIYxLXrOP1kC3fLerK-dCjBDhJyebaR4ZKa2E06X68OUnsSm7EX08E9-XSHJfjrGI-mb7Wr0R-ZwShUCjABgnNhE6BatScHoIc_6iB0WGBDhDQ7tBcvZgqwYnPl17w5lpD8eutVly2D0L5OX8r96vPqZ-CtjNJiaWNfkgdf4x6W0ctF4Uao4ZKty6-stmB-vTrs2BCbS1OxcR0eg1cVdv8rgDOkg6S1oyhYg-xXilrz1Rv1t8YVhcFG9j6YDpwk71b1vhVc-hg3H7VoIMnKXgWj8476TgTc7sc8yUjBc9MW3DZoOhZulMSZbjEVjodjEbBet054T4vOi8CNaYUuIw7Sh3wpL0Upw13asXhkIGkpbKZhefQZIaJuGwyKpR4mVwsu5Ma7equbnSALIc60JAQaiFaCiCTy2cQoJ8y8k9VcEhptbitxzah-NEdrpDn4R26mVKiNQR2P2R03l9mwik0VQCuHIs52i38hhoUaHlWvtJb1wX_PmQLpadkb-eNTTN7z7SaER7dErYAHrRu3o16QPyW1dGOe9g9z5cXmFiomIuKwqSKTR2P6SzcQWV_nO9wmJ-H_A&cid=CAQSTwAvHhf_48I_kA4QeNNAO5M6goSFYj_sEUfBFYcYNqzY8woV-ChW-mDw3nv-uoHbpkq4lTryf8UR72f6dRvARChIrfVeyqUp-eUjkZq5LQEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fportaldocolorado.com.br%2F&ds=l&xdt=1&iif=1&cor=6111787605161241000&adk=1726166463&idt=86&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66696301289bb698309eef01fd61feb60ad769c767c9c4819b66b00df2de1b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 852c1e577e0df83 Show response
ad.vsrv.media/deliver/token/ Frame 35B3 2 KB
1 KB 33ms
33ms Script
text/javascript 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vsrv.media/deliver/token/852c1e577e0df83?loc=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&vid=bfbb9c30-c04a-42ee-bbf3-06ec2c865502&ref=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by: Host: ad.vsrv.media
URL: https://ad.vsrv.media/deliver/js/852c1e577e0df83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: b6c82a7fd0522c08298af75f41b6c493b0565392eb8a346cc2a73dc58a3a7046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
content-length: 925
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F675 111 KB
39 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Origin: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F675 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BojE4iEuBXIsMT2ia1lmmpwdNAWSgmGWEVnr-WSDA97gxoyyI95RgA5YKz6jXXkbUlz4crQ810NDNOoQqGZDw9BXyQ7qP7_9IQ4FBHtCzL4oCvPXY01nhG0hZ538v_9jsTxm3tJr4dgzx3enWisAGDgkfjMkqWxFWss4zponbFGnebJ6s&dbm_d=AKAmf-DPCQyjs-XmNF7dwlFO820zLkeh98aL5UQTn3Rzy7SgRC3y8jJSK3nJ5TMeDynlshJPYVDIKqbHn1Hc3oz6pDz1BLy5nYROtkTGxH10Lk_jqON3KsmrP-EMZli2BHHASBLYxjugMnuonhGJfe5ubROTrJtQfJXhybuOR5UFIGwdGVR0u4Q8VRZwijrcXUVDKD_R3OrOhlxHR4Gr9LRmQnDIEXtSv8LzeHq8RAe_kP65M4qt6F_BMy-g1SVqqXH8l5h8HCSi0aUYqyNYOwMZFmvvkqssMEhAgFox3aX5S6aYmPpoZJjt5NjdVqFMi27_v-LJq6ZqH05MPiDMJ0-MevGTX77o0C3kMbE2yAZoPe5bI6WCUbKul3bMulwDX6ldjjkpKBFXsqjBDeZUWY6JvG2k8HHibM02MQX0FkpGvLisr69yGSzXfj_BTX3lYPiUunQcYXP6Mqh9uZerayOTJpOTsWQ5ZHQXPdApZXJtV35U1lJvMh3EbwYHOftG4ujwkCBMycSR-tDeFxhMAGmWTTHKwsezihxcuxq8r641BYH8htehErNSIDX1yTBHf2iyxzZrnjMmCps18GgGcuHo4HrM2QkzL-eDPbwvCyMDYj7CTOym6iOHDgn5LYUxF6h4t27F_--XU5BL2LLMt_m8gr1ulO8gqtWjWx_nHJpJ6U77TsYjpeZaHIzBmP9fq1-bhgB2J7H-q-XB-gqBMefniinLwAKOhBqKw134SyPQb_yHezHwBX6ofDgOqzx_gD2_vrDlfCxh_KqnkE7nhIpWV6cG-RyIDSKIvRA39NWjrVzSuOItQFbronmqqDzabt_m3Bf3W55NFrPh9WsKHwhpRPP_YkBX6eM8n3Re-ou_Kuee7OAiQx0MdtbspKDzbVDbTuQIXo9udkZrIPry_93MRuXxLIltRiw4rOG9Ue_0Td1WxPf5adBjND3F280kGnPGJb0R7sroDESjwQwjdxL0xYZpkw4Ep8fA1zKhT7va0LmRcCr08lpkJ_KCSFEwCF1fMzVcbagn1e_-dlFZWsq9Ms4mXkJ3g76AvxEboEQeqS-_Qgu46J1ee31tYR9s6psAPK7SPc3lV37x4z829_edCMkVcxzWgkCqs7JoYdYLVTQrRn1SKmYsO_cCtvERtsmAS3nLl--UCvnoLbftK3rZYHNgc4oorwStCoBJ_EcrnZX61RpEkC3ul2i9_wQho02ayDBzXbVbvC_hV7f5pvkKTtFd_NoGKg2k8yHVmiyldKHSdrJLzcVtebVM6cVJkFUnvMBTTrhd3aLzXQbLJ6fmBBG38giQqHH2ZhqZBDUB0rOXS8qy2aMqMlSy0wC-M7TXU2GjGlahboHkqKDc3nsZTkuln1Hoj0j-xV9zVyebLpAaDIVVUZzVy7cTh1H0ofc5O4vADk7_xVFXmu1nJtRozV_BGONZ6nJjn-3sb1EM377BxfXKzKZsHrQ9m-OIqgVQt77QOAZn24eL78pt1K_ZZq5g-WwN-4UnE2t1-dLVg7hAyZKHpms8RyqMSdxaIKn3Gd3SAgdrc2J1ynZg6CH4ld72d9DVpen1n3wmNU6kQ65IK6zqBfhzqVNRfd1mcgGZgWE_Rul3_BdUe7WlHW10VNrSxNA841wjz1DW13gk0A2r3lizgU8SuS0pz6kVI1UISTpheDnqrBBgS-yvu40DxrwgLCT7Qkda56YQ9nvir_8rhfuLAaKLjNa0050YgOXbWba1ken3VmqE8XYm-SBnAMnKeKU1svRAn5Yzsndsnmy3WeNqCbA1LkIFZFyHp7PopN-4kUCq0LehBexf3F51n6jFMGI_WEh-jBYt4lEaLDq2XQIkTA_Tzh8RpR9ge8CKP3Sue9MDSrFHybwzy8ikHO93RzaQVr5V4EqzXJuzU7mI5BkyNXUzesslEugImK_Wbmxc9VG54D-ECJ0Hgl0VuWPvZgkE5lu92BHrfnQ0flM96-CUzxpO0_ufL2JAVPhUxy_rkONeNs03kVXLWfkZ7S2h5YrONksYsw7FuocvxXXDMa6dE_GBXA-k50-MgWv9FAiTmd0Owa1iNokpcm9d_r-J6hnFb8qXePsU3xIFFuQdghfWDirJ5_FUSa0h_romkmvwD2ssKePXwTpDx-7t5noN2LNw_Ec8wQuFF1kvctsU3cUg96BIwBGdGLkx6dA4tJuqikRG9cawp6tvPisXixLBe81HU14hdXvtJSWgsaK6-kAjKk-YK5X923mMxp6f-VB2wffQHgjucFi3y3gJegU6OQF-6LR9_pUUx6nL5ZH4QF_nlp0e5yo4GP57agezejeUcDZ2Q1g_aDJ89A90n9X4b2cXTPtXurI2Z-Xeei8NUHEQFNUkZmMAEVqyqYOSJ5VZHXO4j7GP2Z9WHR5E-muMGaaYfkRy6IstAzKjTf-q4BG_BwWlLIpD9IKYm9zrw9drk8f2YFplVovWnMs2JlzUd3-HliMeIqqsSU-yUIsI09nnCEG0QOyNKs3jkc_YoRkEfmNpXlh9Y-54-2xlcBPuU3YmkN9XV9oroLA3aT7KiK9OZ2R16lzJ6kDUdtAI_hy6MG21BAkjURavgfiUcMn6ifNtbG09COY7irtvQrQXVhs82Q39Yn9EDXIpCB98eNsHP6HxN8OZZ8Zk0YHp2z77s0Kw8c1ATsrjWPFKXGdTrnXw9OGwDXluW3XlLopYVMAne7TPNZZIzxm-tMowiOyd-KFPVIiSOygzlHsECHwEBRP3ny7bxCTO9VXXSvbIZACaDSqVGcoI25O0GxUAjLpqz_IIKgvF8I_0B_BnyeOrxqwhFmKJpQrlwbDS3Ci3ml7Ogi9R3nLTYu4SoXyfambFdLU2rmeUtspMrJv8Si_Tgwz_20bKpXIrE0GbsGKhKcPWhvobapQoJKqaoEF0nXt1zZfel_dWo6zoy-dgqpngHMcqTGwV7bMlw6Q53R_9nsVjtuyWS5ZMc4Dt7-whIRXlbcwEufa3uc3PXlAj7dL0FrcDGLzsZENqUU6NWoJQsWkLvRQhs9dNjhri8to6lYaT88-F7MGB6cYKqb8JkBAHgFS4aYpv9imqwv7XptoQWDD_ogvEmoDVgLwvvgZXFgRefxIeUoco3yq2ixJtrUjvMjpDcKOCdaAIGumnuvT3pBdEfK6dGFtbzhuW4TnQM1nflZvpdOyEv0W60AnyznUaVf8Dquw-Otsci6r8q6QLVCOQwAcxu6q9TKAq0rZp2dk3_zpQraiQUCaTplDSIL7MHb6vwc_jk4xDKPywGloJTw2Jnefw5bLyTCBTIV5UZucVhFkbEgD_Odhhc9NOcizkyPUdURzJXC7hKiTf75KXzAOyAPESRzcY0EHoKebm8JddxwmkMJnc5vGoF5mL8JIAGirp7f7iSxvxGxuyqi5e2t2RbMyA9tyx8DCNw4A7MFAIYxLXrOP1kC3fLerK-dCjBDhJyebaR4ZKa2E06X68OUnsSm7EX08E9-XSHJfjrGI-mb7Wr0R-ZwShUCjABgnNhE6BatScHoIc_6iB0WGBDhDQ7tBcvZgqwYnPl17w5lpD8eutVly2D0L5OX8r96vPqZ-CtjNJiaWNfkgdf4x6W0ctF4Uao4ZKty6-stmB-vTrs2BCbS1OxcR0eg1cVdv8rgDOkg6S1oyhYg-xXilrz1Rv1t8YVhcFG9j6YDpwk71b1vhVc-hg3H7VoIMnKXgWj8476TgTc7sc8yUjBc9MW3DZoOhZulMSZbjEVjodjEbBet054T4vOi8CNaYUuIw7Sh3wpL0Upw13asXhkIGkpbKZhefQZIaJuGwyKpR4mVwsu5Ma7equbnSALIc60JAQaiFaCiCTy2cQoJ8y8k9VcEhptbitxzah-NEdrpDn4R26mVKiNQR2P2R03l9mwik0VQCuHIs52i38hhoUaHlWvtJb1wX_PmQLpadkb-eNTTN7z7SaER7dErYAHrRu3o16QPyW1dGOe9g9z5cXmFiomIuKwqSKTR2P6SzcQWV_nO9wmJ-H_A&cid=CAQSTwAvHhf_48I_kA4QeNNAO5M6goSFYj_sEUfBFYcYNqzY8woV-ChW-mDw3nv-uoHbpkq4lTryf8UR72f6dRvARChIrfVeyqUp-eUjkZq5LQEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fportaldocolorado.com.br%2F&ds=l&xdt=1&iif=1&cor=6111787605161241000&adk=1726166463&idt=86&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F675 31 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:42:27 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F675 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
DATA 200
OK truncated
/ Frame F675 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ce4dbe53affd38066c68cdaa4c5413f552f53a5df076c96e20aab6aa1221c35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 49728ea3d1527ab675ce.jpg
ad.vsrv.media/images/delivery/ Frame 35B3 56 KB
56 KB 53ms
53ms Image
image/jpeg 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vsrv.media/images/delivery/49728ea3d1527ab675ce.jpg
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 653ebf2b44f54b2a70873d44274f3658861d0a6f6e9195fd8b1bc903268aa730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
last-modified: Tue, 07 Nov 2023 14:38:44 GMT
server: nginx
accept-ranges: bytes
etag: "654a4bf4-df27"
content-length: 57127
content-type: image/jpeg

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9D1E 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D1E 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 6 KB
2 KB 72ms
24ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435bc3ed6fba1f122dec8f5261877048c6c8c4eea6fb424a8ebacd46bbbb2505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 361806
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1986
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:56:49 GMT
expires: Tue, 17 Dec 2024 13:56:49 GMT
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F675 0
0 242ms
65ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuu5CzTViRlrjEd1WfjdfuEyBBtuIeMjHLXLdlCJF7r-h-Zujl9xGxdUeQXeKPgOMu8HsI7eLQTsnMRPf6anXWb-vvx6T_vq2yvPMlmUbZOCX1nn_JSthWirqmAMjV8Hocf2CB25NjYj7plqsx--zMN5KYpTohRKnMA3n2xi6dHsATdvSvQ1WVrwrGI4ycYhntbKNk6jjFlw9tEPwrnZImXpH38GWm8q5YZmETWd1_pU2v-2YA_wwzmRjsYlLrjLvbFfBj8I5A4Rg6m4uX_lGUqX2X3IIGGCD53mbxaPsPWyobcQeg5lG4FmCSKzoijim7j-7nEZSFR-GJNKf6Eo_jlrlxmIrhfQDBEeSGh9PMLIRd55Q5qB_bLh78lz6PKD-2Zrf3P8BCFoUmJPqlaqnmx83BaFUIMlsRSpw0f23CQCHbXx7h5j1bHmU4AKOBb-fpr7MNHvDZyePp_h16klAQEYwoBlwi9aEDmZONrOE2TD1dlx66gqaa6m50zQ6y7tsolwjtDMgBlG9Jl_wZKWIUBk0VTnG1B2PJQv8SqDnlwkp-hm2qvLDZMXe7y3OBpYrUWjLohx9Gqgaw4Vfq5LoKy1kvvgmZ2_v1GbHu3LHZd8Rk8DMKuEimZOvhxRjzlm2AJkfQJZ0NZLAVRbVqXQ3VUfjX8Gq5wo0wuZw23GrP4E6TtlgyG721Syg5e186fsps2K_unlFA3GIoiF1oUTaP-f2ceItem9F2SeGjSffMr854VOfsKoR7I7zMZ_i9z-0VVoOuPTyz_nAcBMkDSGvu4U5QvnkPCt82yf0NH_6LmVgcXvq7PadGylA4O553V4lbnVk1tmoFdt4YffaQMNQ7B9588sbOcs4n4i8ca7-0tlhl7pLqppbcSZKTcrjcT2uzHa5cCuOXUzQ1IdD0mtJsjDkwjQBv6t1rypuIy-84TuY_Hnx-X9Gu9KcdOCUWqrHNZmlXA2rsD0c_sYA6R7mby0OwXDFrg0KVmiU9tTDwAd9VpCQqZ94B011g74pIYu5cXyIfrkCe7brhFWIJmCLyKesblK2EGDhlXFLX2LKoahrD8uVBaGBhdcyj9yAGs70jAKl3Y0wszVagYPr8ii19dpsHC8o5XFcp5d_FvX12VLmnVef_Q2BEeSbay7ylgiv98cOt7NQcjHJqtoVY-LQ3WVmhdl6UIc7s0yUj-RuY2wVWtwi3pCbmcqV1zO6TrNjbOclAKtyrYevJApsA4KeVXOzM_ipkw1ZfwfWJCrElsydmqgnBNGwXMum4-gPZQYbxrBKHDwNF7IT1QlcpJwH6oRsG8rb5xeua_M7n4uc7UP3UOl0NJU3-VFWSG6WWKSTKBaKhgR3duqI6_skqrmrNU9aC6C4jKp2GHQTbeJpUrota_8jrNlF0FgYxyFTrGplQNFzuYHAOl2a80hES-VLArNs5PO0t9dPAgHR5yBAkoyxDWL8MlmWsC4QRHiLom4av4nOZm3YhD4IOTa9wPUJI5ud2QsqZzjb3BXJq0JU-X75eayrac0Ytt&sai=AMfl-YTR1NJLCasxQq1N8MWVyRdpqNdU7QrmVLuNS1jIJjPiRFCyPRDK35IM-hGKReWUQzrJUBzSfDAacdEzMWm5qvJ2Zs3UY288UNQAoJDChE_HPhr3LGMynSuHtKEI1T2DiXPcQHvEdZHcgidFzgPoPV-N8D4qu9DQ7VEf2PYTwpCp1lE0oMki6Ak359x1C737vP4DCoKM6pnrrB16IHgJZhAdRgeD87IdIHkA5tCJY2tLJpw14jASrOhfs72Mx8tYbj9m9cLWvrPHrznsHR8Epj5ilavg2rxumjcIrhvjKQ&sig=Cg0ArKJSzGKeQIYg8WHKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=112&cbvp=1&cstd=111&cisv=r20231207.76034&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame F675
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_test_377574356&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

22ms
22ms

Image
image/gif

3.66.143.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.66.143.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-143-165.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 18:26:55 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Fri, 22 Dec 2023 18:26:55 GMT
Last-Modified: Fri, 22 Dec 2023 18:26:55 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D1E 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNJfQ79SFZcb_ComVjuwP8oyjuAEAAAAAOAHgBAI&bg=!ISKlIm3NAAY3kmNgF5I7ADQBe5WfOLrY3Zh3hQ1Du8Nh8Qb8GpbB05xPpslk5JOmu1OUZjPh4GTTvUGeFfe_yVL3zpT5AgAAADRSAAAAAWgBB5kDrHODGpzWM0HE5qpuG8uR9LWW6VBm9xDFf34exlu69XeCGeDNBjmTvIFPFnJTUNxKmThoY18i8IRLpd0yNtn8gUilHETEO9QZvXpyRlIFzjqsCO-JLKHmyjkIbEyxghMxE6LeOEvrsIl2JOyr-aCvhDRnFo1bWOl8hsh4c_hMrAYEGDpcsiTQYYVfaDCm5nqEn6NRE5QDBSFwyHnKfHgXFZiK8LuzX2nD4ZEiHJVvvfy9F7uEZnMnoQ6z3u6gD8Ffe6LCTNzd8VQbMd7_FSRLqJWmtYz_WGzfSpIxgDwTUrT8TSwX0J5v4W95VYZ6qCjxPyeEtVNW2wFIH_ISM1n5F7ze_xTkSvl9grOUgvqEJ5g9IZEN7t1lx_2D2JdJ3jF6c2M7LSHwwF_BOb1eE26ff5a9bHJYncqOFkZQBOYjEJpybCR2zFbbSD-QajYX7in_JFOCkGGCZj2GXq1LFS9EIGdrRW1uRGorK9-7IM_2JzHBGylnSIgyrCqZ28otww5T5YBnLeFS1MZJkmdROiehCo0FB5PGNPbArrIbikEKqH6ic9XiRja3Dn9JZIJ1nCKU5SICU-v2pGA-rAiotGmRllt7fqFtZWR-_-hXV28XiG0NQWAUKOVNIFTtcCGcGoI0pQsBW0dKieI_5VvdQnIq8iUEQBjXRcK4YpF6B-ZHpKIzaD8pU-KPhqEfC096ta1LdgUr5UnAXdVKc-HEFmga_ChXgpxDIGQxHcnOi1zQIkhnnofPN71BhSZiXhHWjcha1PYXMUUjP6mXNBjQygKANeocEih2oPhEynNcDpSsQmHXbUL0AUnsmM0qOmIgEG3iLnc7POOnih6vingk_HPLmTdG-XzsSSS0nwWMzw_HG7RQQ89_Ro_L-KTmlWZhuc0k5OF0yHCiR0aUqyQt21G5T7iG0YOacZznrjlRrN8T6hzUU_V3EgVJReX7Yk445FKvPZdppOujHZXgPEPoc0lnHzTHtPrybehSBWOkXKT3edDjpP4aQYGCQriGz99Z6HGxmyhxm_bOim5MTJwwAaQoRRMIDomxScUpK97uPkKoTLvmkh_JAdeer7MQKeNfbcEJlX-iK_oRnf4Dr-lTra-sQshAADSNmnbe9sZy1u_OIJWxAax5F7-PgzTecgvLwDWEU23-A9V-jBjF4_cubqnjvVYLrQ6gnYlLZA1MEzKMWFqcxZFelxbLj-gUgzkOMZk3f8ZeRhU-tbHc56atGrqb7QFEubuhhq7K7exh2XQ

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 898 B
467 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 03:06:16 GMT
date: Tue, 19 Dec 2023 03:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0BE2 109 KB
37 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 4 KB
1 KB 25ms
25ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:11:08 GMT
date: Tue, 19 Dec 2023 09:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 25 KB
25 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/bg.jpg

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ab18a90107dde9bccc4288659bfea319e56881ead32a017508980073461c1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:50:11 GMT
date: Tue, 19 Dec 2023 08:50:11 GMT
x-content-type-options: nosniff
age: 293804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25731
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 band.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 8 KB
8 KB 29ms
28ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/band.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b582a40acfe21c24681f922781086f4e76251c7c887922171c068a6f2ed2964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 00:09:59 GMT
date: Tue, 19 Dec 2023 00:09:59 GMT
x-content-type-options: nosniff
age: 325016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7817
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 band-headline.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 4 KB
4 KB 34ms
32ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/band-headline.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e667eb1c245d6516dae4af9782c7c0086486037c7c1314eec086a8c12e7b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 07:21:19 GMT
date: Tue, 19 Dec 2023 07:21:19 GMT
x-content-type-options: nosniff
age: 299136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3802
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 5 KB
5 KB 31ms
29ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/text2.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf6bf72b4b0419a38e7fe16e49283fc31208d03afc964d7f3c97fba32f9cc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 04:34:46 GMT
date: Tue, 19 Dec 2023 04:34:46 GMT
x-content-type-options: nosniff
age: 309129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5223
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 5 KB
5 KB 33ms
31ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/text3.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f2afa67ecb1062f8cf97544f21dd5b45631ccf2a586158d02b824b405013c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 19:22:16 GMT
date: Mon, 18 Dec 2023 19:22:16 GMT
x-content-type-options: nosniff
age: 342279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4822
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 2 KB
2 KB 32ms
30ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/cta.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:55:30 GMT
date: Mon, 18 Dec 2023 15:55:30 GMT
x-content-type-options: nosniff
age: 354685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame 0BE2 4 KB
4 KB 32ms
31ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/logo.png

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755fb6edd26e00462f0ffda5414c3514bbf19a5b7790221702660abd5e91cc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 23:22:51 GMT
date: Mon, 18 Dec 2023 23:22:51 GMT
x-content-type-options: nosniff
age: 327844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4041
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F675 0
0 108ms
60ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuu5CzTViRlrjEd1WfjdfuEyBBtuIeMjHLXLdlCJF7r-h-Zujl9xGxdUeQXeKPgOMu8HsI7eLQTsnMRPf6anXWb-vvx6T_vq2yvPMlmUbZOCX1nn_JSthWirqmAMjV8Hocf2CB25NjYj7plqsx--zMN5KYpTohRKnMA3n2xi6dHsATdvSvQ1WVrwrGI4ycYhntbKNk6jjFlw9tEPwrnZImXpH38GWm8q5YZmETWd1_pU2v-2YA_wwzmRjsYlLrjLvbFfBj8I5A4Rg6m4uX_lGUqX2X3IIGGCD53mbxaPsPWyobcQeg5lG4FmCSKzoijim7j-7nEZSFR-GJNKf6Eo_jlrlxmIrhfQDBEeSGh9PMLIRd55Q5qB_bLh78lz6PKD-2Zrf3P8BCFoUmJPqlaqnmx83BaFUIMlsRSpw0f23CQCHbXx7h5j1bHmU4AKOBb-fpr7MNHvDZyePp_h16klAQEYwoBlwi9aEDmZONrOE2TD1dlx66gqaa6m50zQ6y7tsolwjtDMgBlG9Jl_wZKWIUBk0VTnG1B2PJQv8SqDnlwkp-hm2qvLDZMXe7y3OBpYrUWjLohx9Gqgaw4Vfq5LoKy1kvvgmZ2_v1GbHu3LHZd8Rk8DMKuEimZOvhxRjzlm2AJkfQJZ0NZLAVRbVqXQ3VUfjX8Gq5wo0wuZw23GrP4E6TtlgyG721Syg5e186fsps2K_unlFA3GIoiF1oUTaP-f2ceItem9F2SeGjSffMr854VOfsKoR7I7zMZ_i9z-0VVoOuPTyz_nAcBMkDSGvu4U5QvnkPCt82yf0NH_6LmVgcXvq7PadGylA4O553V4lbnVk1tmoFdt4YffaQMNQ7B9588sbOcs4n4i8ca7-0tlhl7pLqppbcSZKTcrjcT2uzHa5cCuOXUzQ1IdD0mtJsjDkwjQBv6t1rypuIy-84TuY_Hnx-X9Gu9KcdOCUWqrHNZmlXA2rsD0c_sYA6R7mby0OwXDFrg0KVmiU9tTDwAd9VpCQqZ94B011g74pIYu5cXyIfrkCe7brhFWIJmCLyKesblK2EGDhlXFLX2LKoahrD8uVBaGBhdcyj9yAGs70jAKl3Y0wszVagYPr8ii19dpsHC8o5XFcp5d_FvX12VLmnVef_Q2BEeSbay7ylgiv98cOt7NQcjHJqtoVY-LQ3WVmhdl6UIc7s0yUj-RuY2wVWtwi3pCbmcqV1zO6TrNjbOclAKtyrYevJApsA4KeVXOzM_ipkw1ZfwfWJCrElsydmqgnBNGwXMum4-gPZQYbxrBKHDwNF7IT1QlcpJwH6oRsG8rb5xeua_M7n4uc7UP3UOl0NJU3-VFWSG6WWKSTKBaKhgR3duqI6_skqrmrNU9aC6C4jKp2GHQTbeJpUrota_8jrNlF0FgYxyFTrGplQNFzuYHAOl2a80hES-VLArNs5PO0t9dPAgHR5yBAkoyxDWL8MlmWsC4QRHiLom4av4nOZm3YhD4IOTa9wPUJI5ud2QsqZzjb3BXJq0JU-X75eayrac0Ytt&sai=AMfl-YTR1NJLCasxQq1N8MWVyRdpqNdU7QrmVLuNS1jIJjPiRFCyPRDK35IM-hGKReWUQzrJUBzSfDAacdEzMWm5qvJ2Zs3UY288UNQAoJDChE_HPhr3LGMynSuHtKEI1T2DiXPcQHvEdZHcgidFzgPoPV-N8D4qu9DQ7VEf2PYTwpCp1lE0oMki6Ak359x1C737vP4DCoKM6pnrrB16IHgJZhAdRgeD87IdIHkA5tCJY2tLJpw14jASrOhfs72Mx8tYbj9m9cLWvrPHrznsHR8Epj5ilavg2rxumjcIrhvjKQ&sig=Cg0ArKJSzGKeQIYg8WHKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=241&vt=11&dtpt=129&dett=3&cstd=111&cisv=r20231207.76034&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 48ms
23ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:51:07 GMT
content-encoding: gzip
age: 66948
x-guploader-uploadid: ABPtcPpnYG_iFnZSVemyRWCEIivDC6vgMFthkBwMur-2cUbbgsy2arln6nCaastGiaOQbffffpc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Fri, 22 Dec 2023 23:51:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29b5d2cef459c28aaa90632d51fb301a3ef11f016696dfaf0b2d4e7bafce6d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74641
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81fd31218d43c0f9aeea6f8b7b2ac6cc15a6e238b163a1b170c9162096943d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80986
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cc8665b302d1d2825601e39a90240ad96cffc00fe3d124d75a7a0e561901490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81023
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec6121cc4fca6ce6840ce5491f5517c7a468ac19a063cac9d121b2019813964b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81071
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ae242110178976ed2f3c633bf370e995631a16f8549bb94e18c29b3c3c02b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81086
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f680f6349ba0aaed299c56975d2821da5902c60d6ee4de84c30d656541fe035f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72492
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 307ms
306ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652ff8c7ccdd5c34aa5062b6bc776c3416543c391c9d29ad81beec8a11a9d805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12113
x-xss-protection: 0

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 276ms
275ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:40:10 GMT
content-encoding: gzip
age: 60405
x-guploader-uploadid: ABPtcPpVEJ-K8-LutCq-Z1JjyHq4_JW9iC6s-9WpZswrrOnYY1-8uyz4Mdq4167UmyGfsOrZsZFHw3LnCA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sat, 23 Dec 2023 01:40:10 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
663 B 196ms
129ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1703269616&tM=direct&tL=direct&tN=direct&tY=3&tZ=919966405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1703269615701&cv=11&fst=1703269615701&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&did=dZGIzZG&gdid=dZGIzZG&auid=1896554657.1703269616&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cac7672d1f64050fa08de99e4a980782303deab7dc35baa3410d7781e49a1eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1703269615738&cv=11&fst=1703269615738&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&did=dZGIzZG&gdid=dZGIzZG&auid=1896554657.1703269616&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc72396070cce2a1bce27ac5602a80c18dc92e21cb967ee90208c7bdd51a74d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1703269615749&cv=11&fst=1703269615749&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&did=dZGIzZG&gdid=dZGIzZG&auid=1896554657.1703269616&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3b38e60ccd3d8c58a1f8a50f386f0df2d445d05ee50af31d3b214534cd13e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 375ms
375ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634900500930897&correlator=2348507070346380&eid=31080121&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortaldocolorado%2CPortaldocolorado_Fixed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=2879634051&sfv=1-0-40&rcs=1&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D8cad2c041fc318e2%3AT%3D1703269614%3ART%3D1703269614%3AS%3DALNI_Mb3k6O7kFhuAt058LARO_AauiMaPQ&gpic=UID%3D00000d25ca7039a0%3AT%3D1703269614%3ART%3D1703269614%3AS%3DALNI_Mb1RDFqWLv37JfuF1xXmFGYJItACQ&abxe=1&dt=1703269615762&lmt=1703269615&adxs=0&adys=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldocolorado.com.br%2F&vis=1&psz=1600x2260&msz=1600x-1&fws=512&ohw=0&psts=AOrYGsnECJEPkZtiGIaGU-e0TVlqHCk_XrC5-Yhewy8s3O0hU7W4SCpKDfnM-vplJKTBfIU7teucZ77CQJssa-XWeDlkhhIYK2UM&ga_vid=769172855.1703269614&ga_sid=1703269615&ga_hid=75199601&ga_fc=true&dlt=1703269613804&idt=799&adks=223257348&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a15c2a4be68cc873e4ce4cef718ee5246e1a9591555963e3f9fd50bee48cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13480
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
108 B 104ms
36ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1703269615701&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_p5oM3FfpFq0ZzoemJlya1tPL4jtfnInnjkXE9fiH8Hds8t8D&random=2511322516&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1703269615701&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_p5oM3FfpFq0ZzoemJlya1tPL4jtfnInnjkXE9fiH8Hds8t8D&random=2511322516&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
108 B 89ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1703269615738&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_4f-P8YMLvJB35ujdgIaIvRdQPFYPqojaYsmlvEK0GO0gyp6i&random=3211960069&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
108 B 36ms
36ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1703269615738&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_4f-P8YMLvJB35ujdgIaIvRdQPFYPqojaYsmlvEK0GO0gyp6i&random=3211960069&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
455 B 81ms
35ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1703269615749&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_GMl4tf9e5e0YlbZdULAelLfpCJI_Hp10XGBWfA5suRDOfu5U&random=1476076299&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
108 B 43ms
43ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1703269615749&cv=11&fst=1703268000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldocolorado.com.br%2F&frm=0&tiba=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_GMl4tf9e5e0YlbZdULAelLfpCJI_Hp10XGBWfA5suRDOfu5U&random=1476076299&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 18:26:55 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
160 B 130ms
124ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 345834e2b518440bcf4b14132b641b856305a9ad79953753cf8104d503e4c793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A493 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:32:57 GMT
expires: Sat, 21 Dec 2024 10:32:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2F37 829 B
981 B 32ms
32ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b13f354902d89d0e3e05f39fdda350346726bf42ab2f4abbcfed8fbf9ffd43ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NKdwmaHyIZ0ER3sXmbamzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NKdwmaHyIZ0ER3sXmbamzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:55 GMT
expires: Fri, 22 Dec 2023 18:26:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A493 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F37 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3634900500930897&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A493 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TRmHrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F675 0
0

GET dc_oe=ChMIhrP64tWjgwMViYqDBx1yxggXEAAYACC7nrBiQhMI47nb4tWjgwMV2G3gCh0CgAsO;dc_eps=AHas8cDmECJHCT7z285l5K-c_LIf2wH3GfJR-Gzp8HHXf_JQCzjywt1ivWYMV_DZuScMXQRLhU0Ceq0;met=1;&timestamp=1703269616145;eid1...
ade.googlesyndication.com/ddm/activity/ Frame F675 0
0

GET
H3 200 container.html Show response
4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 140D 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:54 GMT
expires: Sat, 21 Dec 2024 18:26:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b Show response
b.t.tailtarget.com/ 92 B
527 B 129ms
129ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007FEFD48565B806686902BCEC09&tX=b.52&tZ=269346669
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 4d388b69577d270ad9a717e110026186945614ebd7adeec902b5f23a4738713c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 98F4 624 B
242 B 65ms
64ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNWeNjmvn6UBqV1p47scM4kh4wVO38Cp9tRUJv8E2xh6jZ8kRVUH0lzxywKlQiMaqy4Cfg57oRESo3TvCHpXp-sZ52X79HmKD_PtwYTYNt7FpbfsFS8V1tQ5ozCGh1xuzqUJnL0SMoOzhCJpnZeaisf8enXsia4AcuMCkC8cyAglMZgtfpU

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 18:26:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 877F 89 KB
31 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 877F 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 13:10:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 877F 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:13:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 877F 0
0 30ms
29ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQy6cbm9lEuifC72JMquW0vXiBbgHWqV_HySk00r-IIK9x1PqB2lywyyy9hAb4gilKMqUnEG10S37xBxFi9QzmxcfNG5w
Requested by: Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 877F 203 KB
64 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:26:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 877F 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG_lSXMqlW12DrGEOF0vRhprp7ljT754LU4kpNMV0nrhG6cbbDe3InFX3TfQGzd_oUMPHxk1kmGqKlSbbX9QnBnPV6jdkwy-2I_EJAamZ_xwING6A

Requested by

Host: portaldocolorado.com.br
URL: https://portaldocolorado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 98F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

43 B
729 B

66ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNWeNjmvn6UBqV1p47scM4kh4wVO38Cp9tRUJv8E2xh6jZ8kRVUH0lzxywKlQiMaqy4Cfg57oRESo3TvCHpXp-sZ52X79HmKD_PtwYTYNt7FpbfsFS8V1tQ5ozCGh1xuzqUJnL0SMoOzhCJpnZeaisf8enXsia4AcuMCkC8cyAglMZgtfpU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbpWnpqvgr2oE5lr4YSYUhVK1iHS506RsKUumqHnOlWmz2MxZ1IeQaLg6vQX7hTIfbemfGThU%2FlfBpkIr2pcx0sHBvohzcYdgty9m1QBIt4oMiVWoefUBVfrRYKRg%2BMWmxZdVP3s822l2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839a6a7ddbd45902-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 98F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYXU79osQauLkBJje0ee5QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1

43 B
735 B

66ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNWeNjmvn6UBqV1p47scM4kh4wVO38Cp9tRUJv8E2xh6jZ8kRVUH0lzxywKlQiMaqy4Cfg57oRESo3TvCHpXp-sZ52X79HmKD_PtwYTYNt7FpbfsFS8V1tQ5ozCGh1xuzqUJnL0SMoOzhCJpnZeaisf8enXsia4AcuMCkC8cyAglMZgtfpU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX%2F5KCyXQQc5QsqcTKkNApV39EbxZnEFmvzBfmiDNFEuMsSc8s%2F3%2BJVpmkgjUO0x%2Brvgx3zhKmEOnbsSpr2KWecemSo0JhRn9ZOIkNvsXbj02J9yqQOBA77zOfEDye2BsrIi%2BBadj0LvAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839a6a7e3c9d5902-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKn7-iFQ9oZ0zadWrSUYxg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 98F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1

43 B
843 B

32ms
32ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNWeNjmvn6UBqV1p47scM4kh4wVO38Cp9tRUJv8E2xh6jZ8kRVUH0lzxywKlQiMaqy4Cfg57oRESo3TvCHpXp-sZ52X79HmKD_PtwYTYNt7FpbfsFS8V1tQ5ozCGh1xuzqUJnL0SMoOzhCJpnZeaisf8enXsia4AcuMCkC8cyAglMZgtfpU

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
an-x-request-uuid: e9c41a92-57ef-4c6a-ad34-ca4095d50259
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBzqqmf6FJqMqYbIsfmVZOA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTM1MTI1OTE1OTc1ODQ1MjA5

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTM1MTI1OTE1OTc1ODQ1MjA5

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
an-x-request-uuid: 993733fb-8a3d-4f11-846b-eb76ac3fe9db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTM1MTI1OTE1OTc1ODQ1MjA5
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 877F 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=805120878389&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 877F 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=805120878389&version=m202309260101&ct=77&x=1&cor=2546763770820632600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 877F 34 KB
19 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARTKHDJszvShIhVHr2sf1iF5YenCz8d1aVXpacuGNDKH5GuQMo_zdnQWfwnnq0WeHiPirUElVJVfmsp0wgjAHAJy_jhtl0CYqy_NbFzAnWnxDyOwLn3y96lxyV20jTpOqcKuxfAXXLtDECN-7wJAb1cGPtjxpceJEwWYFFrcWNCMYtc5w&cry=1&dbm_d=AKAmf-AfW1obm7GtFpcp4rouSyAsBvbgt9VnZyHV886ur6qxcWPWK3kNIs33vQgb-_DJuSj6IjeA4-wqAE4iPvD7GYlIKBShZPYXVd3Be6favvqnhRLSDBI6XuvDtTACmOdJ0oMWeJhXnz58EiVcxHLnXEzmmf68jcc9T1obxvZzlCw90z2LFdztvdNv-FYIasKeqGEpI-xrsOA1T_m5NHf4kiJy53HLFbBtC4gNge1S57Emn7vqIj-qB7ckiWxLhf8qdVemiScJ7sAHrBIybD4h5DwtOwUfxhdCH3ni_TTWVFOidGuy0UL-yPzzo8Eo_-y-hPhuf60dGuoVAKyD1nec-ktNYObiZ4oEmwWXB8i7PG4Tcp5xYWI6RpKl8GGByIhHOY93xdCSXlbYmmUFMKxprzyjTya5nv0zpo15Id8g4il42erq2R8INuTwpod7d6GbiBfMvQEfSjLMd-oiBswMFgewf35BkrbyqAaueizEthsuLkuPXGsn3teh4XgAgwNuBxwhRhxINzEuP7jtNWcOHcwa-IUVYwTKGebgzNSihhaRA3ZzffxcgJCYdfTILiSPDgyiXnxfpJw1AAmJTT_xMhCzfl011w8ub7xf7lcJKClNaAZWvZvDEYLnKcNXZ2TMLkOPJsiA0QeUXFgVq_kWxo2yPyelt3Q_f0BFKg6VbutCXKrBwhRkQerDfNe5NVaYT2o3eMsMhBgt28CeBM5pO1GqSPXyIf-2OcK2BEeE0Z-icCGQXrB_XHLAvrX_rZo_vF8ptk-1mXwNZ0N7ixSJ-TzfEa3ONMZgxbmD31W7SSapD61u89ssLvfexOh4sNuR5GUNOoGiOy0NCKXkYOh02TQu3ziJ1iG6laJAoDCAuvTXtmGSRnKgxy3fTWoPqaMd2l3Rgk3cfYjGYVj_FFUD4OmybHCSzwodmvAExX8MqSdNhFQRgFUvGsqg4Cy7sc5GUKK42GsdvpyO2tw7uARuT1zfV4sjPunpFx7_N-Rs7rv60N44p0W9MoBgClp7vSuqlxgDgSL7OFmiyX21vA25O5ERbT0ao5r6pgVFlKVNtSsIMY0e6UXKyPI9Nj-RY3aCuvptbwr4-O75wf71ZIZy6-aPIjTsAeLQ1RmoGpV2aQY2k_MSdVjv90TAdjTqlx5g8vn4i0EyR6a60ybWJhfk7YDYzIJML5vzJUemjAUWDZHCpMdshGm38nXNKZRFMq9-IFkYXTyv_2Bu1rVBNNp4-fdTAY0jM4oQ59O-fOrgqL6Ot8Z0Rfkd0DBtEqHcKOTED1VUUYqTslStXHxE4idQFPYs5TWQcfmt0HA5QAZQyNUX8T3kPu8bACYdFGWiL0SfdlZp9BN3TBBcskKhwKKwYs4A-7o7CdF41_rAi1GYkpZ41P-QNroaRA0C8I88RQvYe0Vzk-OdPUXfeWpNyNLVoLB-gtAXMnznNoVOBI2rm2XcWYIyG1vKS1fwJKir_F8pMvwVzMIT3zS2XMmJHWPNcT2KfRaY1kobhPsuJGULKnaBJ3Bs4n8WPkj7KgjDzA1VGXfObc4MD1_-dMxAtGCylNUwqJHg5hcbJK0dMcr9D90SNJg_Ci2mTDA4TZTITb6k1UcWtYhEQ0i3sEq14Jo2E-b5gg-eF9tqbT8i2Okt-aCUl1zHbYcRyLU2-HdTau87ArjY3G_1FP6NuzrKUvu2YTCCeSl1d3RMusQwtQ7-6hc2jkuzasLQwfLP2xHyAOo13iTKa3S2_J-J0QOs9J5eTCct6rrAksP2YPFmtqcPqZM8kahfU6akkeEMi1ciIW7qHcaN_-dqdW4TF5xy8sKpIJ50a3Km_Z5vdZIpJP66Y5EioID6kIBDyLkAZW8xirbS1m1W3_6nzFXXULzdy9ft2PDhsghXzFs4mcLwxv-EgCbCUlMO1IyNbUFKZEDzlb4fBhm0lhiHFmgcsKG5qp-9ld8-d5EgEAo0OY2d67RXIw7fTAixk2iWoeuJ62_buglBGD6CG9_nKJRkV1sB2l6hmdv7mEJeQyk9DnKH8voKGnW-TGfeGuKFJJuwjlAqZ_hBabMb2e5v5XOTVM6B5mT9spnsapSVBvizOqQrtW4pEO_LCCcnYc4uAgXalLEFy2kvRMkrsKbpNiD7luN3pl6_YwBZKX_1YRbbW-Sa9pW42kqbDhOjWwlg5-quW5JmLlTm49arioJRoSTZ7P2DZyk8cgHW5zL6kVBbTNTsAu_o1AG3BGHb6ikj7o-_5t7sj2U-N3DFturoPX_OGZB87X2pdHWqrZufT67GNxjLSPJvRQmyCrKyh4-RPC6spdVp5IzSJ5OA4hQpZC7P_o-zxxtW2ivUI-XOgt82lCc2MEjoGi0kL9pGTY_NSjWNGhwL8qyzTZVO1EA_EdT6xdqAMWva81pPX2kKyZnoFqVKo7egDLhOo14wj-ktwOmJ_a9Nj0D7840QN8rv-TQZ9KwT_RinBYUd5HDmga5DrBeBHsYcuk4NwLzjcN3nU0fQ1o95snXLP-0bdJnlCGLJ5PV_wlVeVFUkjHtTl78fjeHULjX4B-HwjbL1wO0nj0TJkPfDVhhLSOY5kVYzpiOJPLXjh7jLObO-meD4pZuqgjQZn31MNI5x-Ajz3LFvdyGm_OggW77ZaMm_o_4SOwBn8wAOTT47AqhWaFhDyXPz2N3OoODMpj5Z2bmNjO82K-0m0HygNvdaLBhCnYSeantADSH0aD0nWNtFOOlsD2qoWrI5s43G1vrQUPFHr8oY-ssTvzxMTP_JID_o-PAo7Nkcl9cq_ejF2VNQqZ0FAcXuQcUonz5ul6eazx_F7eM26RaCSze3_-sZYhvAXpmGW6aUkNzQCrqO33fUwafF31Tkuj2CSa0ovRkCLx0thbPMMMJTB6PQa7i7c98B4UHBChTcw25iDq9h5Skx10oKEKOhQY1NGloitIx7EtcKPtvR5wU39CeK51NNAsy-3K-GccmAb_SENkgLjAkO_rpMyzm1pYu2Tr6TfHAwjXM4YSdwddiKuNMhmoUwGV6R54EJ95q2OSGWoagzgt8tud819r2PrTJUEy2z7tmGvAyp7vfQJwwn85VsZ1NKxXMW4EcXBNTky03NWitUuYYA56BeLOQdPMZBHmUXmfMnmui8OR7Opg0Q6SmPbLvpPINqdELJ2HMW8d5KpiHd5iZ6kraHmUw5ZACxwIk141mEMiedYnHN4CXLs4oGlXBXqXABXcInTDSYzA7VMfWn_SBMcztHJLbGTHYHLOpYNRTF4vKzhLtBZ5qnXD0CtiMC4OjsIF2dTbCRkRG8g8K8tWzJt4qI2YjvNWiuF7yKrj2udl1Jr8bLupNRSqhuj1WLJuwOuuxWW1vUgTCUOkhIY5lFhcW5TfK6fRDt4MFepVqNxqZq-EL0TJUL1GgEny2N5OBIvmZvJZwE19HiCG_14rPMXzoF_yb0w8hBJPOp_sgFOkR_rGDphbGEHbY5m3zkg_AJmfRPt2GnF_yvE_UMDvP_P7P1R8qE1jUqe7d2N7lqiyX-ccXn4j2tTi-bYIym5iXdofHgsg3WBUcwHOX_bvieQ7VvU5o7ajfcILiYW0cxKbfz2uaoQTn_k7g6AFkjOaimolxpjRXrDtqeCXgVrasKo-jKZg9dN6OGvlKZjxkCXtcxgHnM2yeomjM_kupCDE6cDS_RUVAcZE8ft0qme0I-BiJ0FAlEc3VDcOveHS5Iz810bA59q7cziBuHm1V9KDQ24ASRtN6X7-tG_CGsgloQ8tpFWKjD8Q5v7DrPndXl6xY6rsRwVcAbONV8Q_VBA-A99IDM20rNYDPayZKjyjD08ca0VqEBuoOxJD73vFyd_b5XeBbFVQ8cF-EexjL2pzRciRLPvwDtuTLy197Yw_80-fQ2C2zrygGWIx4LcTkQ1Z9tJsdRHKS2nPsSa1gF9Uh-sjF--mhFBFb93Kzo5lr1yvruJ5zf4cqdf1pLnBY3ygI3097ro6aq4_djz5rFkXCIo_Nu1g7yRR7C1ALw8LgeIbk1pMeOVSMIv3lT7jn147AhCTx_n85m1q9Upzfvn80RirFS&cid=CAQSPAAvHhf_GAfufEugLiD8lueJzukRG5E2dqdQzI8S-TrSZnvRVbL7HW1hPG-swtnId1I8TzeaYmQZsZGlSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fportaldocolorado.com.br%2F&ds=l&xdt=1&iif=1&cor=2546763770820632600&adk=929882888&idt=96&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc260b796df23f5dac9365c766aa33b5a24e817e4148a0dd0bc00b0e3a4e0fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 877F 31 KB
12 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARTKHDJszvShIhVHr2sf1iF5YenCz8d1aVXpacuGNDKH5GuQMo_zdnQWfwnnq0WeHiPirUElVJVfmsp0wgjAHAJy_jhtl0CYqy_NbFzAnWnxDyOwLn3y96lxyV20jTpOqcKuxfAXXLtDECN-7wJAb1cGPtjxpceJEwWYFFrcWNCMYtc5w&cry=1&dbm_d=AKAmf-AfW1obm7GtFpcp4rouSyAsBvbgt9VnZyHV886ur6qxcWPWK3kNIs33vQgb-_DJuSj6IjeA4-wqAE4iPvD7GYlIKBShZPYXVd3Be6favvqnhRLSDBI6XuvDtTACmOdJ0oMWeJhXnz58EiVcxHLnXEzmmf68jcc9T1obxvZzlCw90z2LFdztvdNv-FYIasKeqGEpI-xrsOA1T_m5NHf4kiJy53HLFbBtC4gNge1S57Emn7vqIj-qB7ckiWxLhf8qdVemiScJ7sAHrBIybD4h5DwtOwUfxhdCH3ni_TTWVFOidGuy0UL-yPzzo8Eo_-y-hPhuf60dGuoVAKyD1nec-ktNYObiZ4oEmwWXB8i7PG4Tcp5xYWI6RpKl8GGByIhHOY93xdCSXlbYmmUFMKxprzyjTya5nv0zpo15Id8g4il42erq2R8INuTwpod7d6GbiBfMvQEfSjLMd-oiBswMFgewf35BkrbyqAaueizEthsuLkuPXGsn3teh4XgAgwNuBxwhRhxINzEuP7jtNWcOHcwa-IUVYwTKGebgzNSihhaRA3ZzffxcgJCYdfTILiSPDgyiXnxfpJw1AAmJTT_xMhCzfl011w8ub7xf7lcJKClNaAZWvZvDEYLnKcNXZ2TMLkOPJsiA0QeUXFgVq_kWxo2yPyelt3Q_f0BFKg6VbutCXKrBwhRkQerDfNe5NVaYT2o3eMsMhBgt28CeBM5pO1GqSPXyIf-2OcK2BEeE0Z-icCGQXrB_XHLAvrX_rZo_vF8ptk-1mXwNZ0N7ixSJ-TzfEa3ONMZgxbmD31W7SSapD61u89ssLvfexOh4sNuR5GUNOoGiOy0NCKXkYOh02TQu3ziJ1iG6laJAoDCAuvTXtmGSRnKgxy3fTWoPqaMd2l3Rgk3cfYjGYVj_FFUD4OmybHCSzwodmvAExX8MqSdNhFQRgFUvGsqg4Cy7sc5GUKK42GsdvpyO2tw7uARuT1zfV4sjPunpFx7_N-Rs7rv60N44p0W9MoBgClp7vSuqlxgDgSL7OFmiyX21vA25O5ERbT0ao5r6pgVFlKVNtSsIMY0e6UXKyPI9Nj-RY3aCuvptbwr4-O75wf71ZIZy6-aPIjTsAeLQ1RmoGpV2aQY2k_MSdVjv90TAdjTqlx5g8vn4i0EyR6a60ybWJhfk7YDYzIJML5vzJUemjAUWDZHCpMdshGm38nXNKZRFMq9-IFkYXTyv_2Bu1rVBNNp4-fdTAY0jM4oQ59O-fOrgqL6Ot8Z0Rfkd0DBtEqHcKOTED1VUUYqTslStXHxE4idQFPYs5TWQcfmt0HA5QAZQyNUX8T3kPu8bACYdFGWiL0SfdlZp9BN3TBBcskKhwKKwYs4A-7o7CdF41_rAi1GYkpZ41P-QNroaRA0C8I88RQvYe0Vzk-OdPUXfeWpNyNLVoLB-gtAXMnznNoVOBI2rm2XcWYIyG1vKS1fwJKir_F8pMvwVzMIT3zS2XMmJHWPNcT2KfRaY1kobhPsuJGULKnaBJ3Bs4n8WPkj7KgjDzA1VGXfObc4MD1_-dMxAtGCylNUwqJHg5hcbJK0dMcr9D90SNJg_Ci2mTDA4TZTITb6k1UcWtYhEQ0i3sEq14Jo2E-b5gg-eF9tqbT8i2Okt-aCUl1zHbYcRyLU2-HdTau87ArjY3G_1FP6NuzrKUvu2YTCCeSl1d3RMusQwtQ7-6hc2jkuzasLQwfLP2xHyAOo13iTKa3S2_J-J0QOs9J5eTCct6rrAksP2YPFmtqcPqZM8kahfU6akkeEMi1ciIW7qHcaN_-dqdW4TF5xy8sKpIJ50a3Km_Z5vdZIpJP66Y5EioID6kIBDyLkAZW8xirbS1m1W3_6nzFXXULzdy9ft2PDhsghXzFs4mcLwxv-EgCbCUlMO1IyNbUFKZEDzlb4fBhm0lhiHFmgcsKG5qp-9ld8-d5EgEAo0OY2d67RXIw7fTAixk2iWoeuJ62_buglBGD6CG9_nKJRkV1sB2l6hmdv7mEJeQyk9DnKH8voKGnW-TGfeGuKFJJuwjlAqZ_hBabMb2e5v5XOTVM6B5mT9spnsapSVBvizOqQrtW4pEO_LCCcnYc4uAgXalLEFy2kvRMkrsKbpNiD7luN3pl6_YwBZKX_1YRbbW-Sa9pW42kqbDhOjWwlg5-quW5JmLlTm49arioJRoSTZ7P2DZyk8cgHW5zL6kVBbTNTsAu_o1AG3BGHb6ikj7o-_5t7sj2U-N3DFturoPX_OGZB87X2pdHWqrZufT67GNxjLSPJvRQmyCrKyh4-RPC6spdVp5IzSJ5OA4hQpZC7P_o-zxxtW2ivUI-XOgt82lCc2MEjoGi0kL9pGTY_NSjWNGhwL8qyzTZVO1EA_EdT6xdqAMWva81pPX2kKyZnoFqVKo7egDLhOo14wj-ktwOmJ_a9Nj0D7840QN8rv-TQZ9KwT_RinBYUd5HDmga5DrBeBHsYcuk4NwLzjcN3nU0fQ1o95snXLP-0bdJnlCGLJ5PV_wlVeVFUkjHtTl78fjeHULjX4B-HwjbL1wO0nj0TJkPfDVhhLSOY5kVYzpiOJPLXjh7jLObO-meD4pZuqgjQZn31MNI5x-Ajz3LFvdyGm_OggW77ZaMm_o_4SOwBn8wAOTT47AqhWaFhDyXPz2N3OoODMpj5Z2bmNjO82K-0m0HygNvdaLBhCnYSeantADSH0aD0nWNtFOOlsD2qoWrI5s43G1vrQUPFHr8oY-ssTvzxMTP_JID_o-PAo7Nkcl9cq_ejF2VNQqZ0FAcXuQcUonz5ul6eazx_F7eM26RaCSze3_-sZYhvAXpmGW6aUkNzQCrqO33fUwafF31Tkuj2CSa0ovRkCLx0thbPMMMJTB6PQa7i7c98B4UHBChTcw25iDq9h5Skx10oKEKOhQY1NGloitIx7EtcKPtvR5wU39CeK51NNAsy-3K-GccmAb_SENkgLjAkO_rpMyzm1pYu2Tr6TfHAwjXM4YSdwddiKuNMhmoUwGV6R54EJ95q2OSGWoagzgt8tud819r2PrTJUEy2z7tmGvAyp7vfQJwwn85VsZ1NKxXMW4EcXBNTky03NWitUuYYA56BeLOQdPMZBHmUXmfMnmui8OR7Opg0Q6SmPbLvpPINqdELJ2HMW8d5KpiHd5iZ6kraHmUw5ZACxwIk141mEMiedYnHN4CXLs4oGlXBXqXABXcInTDSYzA7VMfWn_SBMcztHJLbGTHYHLOpYNRTF4vKzhLtBZ5qnXD0CtiMC4OjsIF2dTbCRkRG8g8K8tWzJt4qI2YjvNWiuF7yKrj2udl1Jr8bLupNRSqhuj1WLJuwOuuxWW1vUgTCUOkhIY5lFhcW5TfK6fRDt4MFepVqNxqZq-EL0TJUL1GgEny2N5OBIvmZvJZwE19HiCG_14rPMXzoF_yb0w8hBJPOp_sgFOkR_rGDphbGEHbY5m3zkg_AJmfRPt2GnF_yvE_UMDvP_P7P1R8qE1jUqe7d2N7lqiyX-ccXn4j2tTi-bYIym5iXdofHgsg3WBUcwHOX_bvieQ7VvU5o7ajfcILiYW0cxKbfz2uaoQTn_k7g6AFkjOaimolxpjRXrDtqeCXgVrasKo-jKZg9dN6OGvlKZjxkCXtcxgHnM2yeomjM_kupCDE6cDS_RUVAcZE8ft0qme0I-BiJ0FAlEc3VDcOveHS5Iz810bA59q7cziBuHm1V9KDQ24ASRtN6X7-tG_CGsgloQ8tpFWKjD8Q5v7DrPndXl6xY6rsRwVcAbONV8Q_VBA-A99IDM20rNYDPayZKjyjD08ca0VqEBuoOxJD73vFyd_b5XeBbFVQ8cF-EexjL2pzRciRLPvwDtuTLy197Yw_80-fQ2C2zrygGWIx4LcTkQ1Z9tJsdRHKS2nPsSa1gF9Uh-sjF--mhFBFb93Kzo5lr1yvruJ5zf4cqdf1pLnBY3ygI3097ro6aq4_djz5rFkXCIo_Nu1g7yRR7C1ALw8LgeIbk1pMeOVSMIv3lT7jn147AhCTx_n85m1q9Upzfvn80RirFS&cid=CAQSPAAvHhf_GAfufEugLiD8lueJzukRG5E2dqdQzI8S-TrSZnvRVbL7HW1hPG-swtnId1I8TzeaYmQZsZGlSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fportaldocolorado.com.br%2F&ds=l&xdt=1&iif=1&cor=2546763770820632600&adk=929882888&idt=96&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 877F 41 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzI2OTYxNjMxMzg2MQogIHNlcnZlcl9pcDogMTM5Nzg5NDYyCiAgcHJvY2Vzc19pZDogMzY1Nzg2NDQyNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 877F 0
836 B 123ms
62ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzI2OTYxNjMxMzg2MQogIHNlcnZlcl9pcDogMTM5Nzg5NDYyCiAgcHJvY2Vzc19pZDogMzY1Nzg2NDQyNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTI3NDA0NjA2MjU0NzgyNzc1MjEKZGVidWdfa2V5OiAxMzAxMTI5MzM5MzMzNTQxMDc4MQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMjIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjc2ODE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU3Njk2NTk3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTExNzk5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMzEzMTg2MjM2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDY3MDk3NTczCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmZyIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5wbCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x33489f394384c62d0000000000000000","13":"0x773c816fb4c6ef60000000000000000","14":"0xb48cdf742b6c5f930000000000000000","15":"0xfbf7d44faece93660000000000000000"},"debug_key":"13011293393335410781","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"12740460625478277521"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 877F 43 KB
18 KB 93ms
28ms Script
application/javascript 167.235.3.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.3.44 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.3.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 22 Dec 2023 21:26:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3BF1 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 877F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd74478303af5d5d55480bd013766f7d6ebecfcadd964516f01c2858f427c153

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3BF1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1&google_push=AXcoOmQG1dp5fKH9T64y6FZQ7e3Q9JoOvcj6_qgs7TtgpPR-zW-StTikgmFIKVVPhBeUzUjw2atWkFxHefGCKXmxdZ3Rn775wyJVvQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyOTU0MTQ2NTUyMDI2ODE3Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1

43 B
398 B

125ms
79ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA8sFzjs7nOYcLvCAU5jOuM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECUkoksGme88nfXclX4sFfo&google_cver=1&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBc...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECUkoksGme88nfXclX4sFfo&google_cver=1&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEd...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7hQmWAP1tn1d013j0zOj4RY2X6ZAoOm7HTmCdA_Gt9Fb-88bVvgkV_QC4zGcg3BURbbqhU6sFh4KSaQ7YLanEdBclmktH_Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJfuuLYX7h1kVsZEOE2xoyA&google_cver=1&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFm...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJfuuLYX7h1kVsZEOE2xoyA&google_cver=1&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3NjY1MzI0NDkwMzg0MDE0MQ&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8z...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3NjY1MzI0NDkwMzg0MDE0MQ&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFmYR1E2CUhTDTUoY8xTDki

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3NjY1MzI0NDkwMzg0MDE0MQ&google_push=AXcoOmRWws84YTo9kjFMu_CrkigsyBpBPuHHeQkTgeRGc-SYSPqmsXRhn8omCSHnLmxO8BxUTj6n8zFmYR1E2CUhTDTUoY8xTDki
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_hm=ZYXU79osQauLkBJje0ee5QAADTkAAAIB&google_nid=index&google_push=AXcoOmQdvI0G9MXlLPB6oz6QYhqVbf-igiIC8...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_hm=ZYXU79osQauLkBJje0ee5QAADTkAAAIB&google_nid=index&google_push=AXcoOmQdvI0G9MXlLPB6oz6QYhqVbf-igiIC8tYZoef2aNde-mcF6Nb8_4g27ywJJ7SvaI-jzl3JjfJrSTsE4IF1iZVIgm7-q1UB4w

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU9ZO3WfdpKUNhRKQfYiy5%2FEa%2F4KANAuDqgqrQ4hodXVcbHGOOQLWW7pT2h0CmwN02uC9lx4sr5IpzLJpMLpTVrnkiGzqFnal2xg6y7ZoK%2F9zP6zcLoK7j%2F4o155z4c%2BeEBNqAGwltNBsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDNMu9-TfcEXEe8uFt8DWE&google_hm=ZYXU79osQauLkBJje0ee5QAADTkAAAIB&google_nid=index&google_push=AXcoOmQdvI0G9MXlLPB6oz6QYhqVbf-igiIC8tYZoef2aNde-mcF6Nb8_4g27ywJJ7SvaI-jzl3JjfJrSTsE4IF1iZVIgm7-q1UB4w
cache-control: no-cache
cf-ray: 839a6a7e8a9344f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 3BF1 0
236 B 231ms
61ms Image
text/plain 2600:9000:25e8:6c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECrTv-v9NevELUdMtdNfZVg&google_cver=1&google_push=AXcoOmRJUp-3RTOC_NqcXVdsjeZvwXt2n5_9oTgJwx5Urw8tK7Al5lFMGF5SsZwZa9WZq1EGOxkGoc-pCm-kpQ2qNegQY2D8SgoF
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:6c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: no-cache, must-revalidate
via: 1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: nL4seVs2E4S3EqXVACZ2nVd9M1LjIELCYXR6R2s4y_-BHdcy-lbPgw==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOyadDziUgrD3Hx00wEcHFg&google_cver=1&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmU...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDQyNjQwMzkxNTYyNDEyOTc2NA%3D%3D&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrY...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDQyNjQwMzkxNTYyNDEyOTc2NA%3D%3D&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH5zA

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDQyNjQwMzkxNTYyNDEyOTc2NA%3D%3D&google_push=AXcoOmQL9XZASsuZLQX7XwdEu17uGHMY-Bd8JmcxhDESoe4JtS5nNjrYAW1qdgQNWT7qf1Lio2LUiH2BDI6O8Nnf-nwwSVMQmUH5zA
date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 3BF1
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM03PEEW7vftQ53qm9aLnB4&google_cver=1&google_push=AXcoOmSU1rruX8e8tc7H73glB_JHTiaQvQVaVJtVGkUAUbmQ2hSB1nPdy3Y20jkAmI_KVw9LvgqfJWt9zFy...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSU1rruX8e8tc7H73glB_JHTiaQvQVaVJtVGkUAUbmQ2hSB1nPdy3Y20jkAmI_KVw9LvgqfJWt9zFyB0fa2hav66cwtToHI4DY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

23ms
23ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3BF1 0
12 B 31ms
31ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6XBZNGrq-IIlKRN-SYXbae27v3sIThxfPMVXJLFsY17KSnFXGogxRz3ZjX8BA65BnvLIT6g

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 55F4 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 75 B
112 B 129ms
129ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=965024826
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6d2cd5a964582f8f77e411f80b4f40e8cc94bfd6797a291e1fe19292072c4395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 55F4 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 877F 20 KB
7 KB 122ms
23ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (frb/6762)
age: 36
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Fri, 22 Dec 2023 18:36:56 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame F073 2 KB
1 KB 41ms
22ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 335
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Fri, 22 Dec 2023 18:26:56 GMT
etag: "64e38310-744+gzip"
expires: Fri, 22 Dec 2023 18:36:56 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55F4 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BoXvB8NSFZYWUE5aJ1PIP6qma0A0AAAAAOAHgBAI&bg=!f3ylfDPNAAY3kmNgF5I7ADQBe5WfOK2No-YEfdVvWOUDxSt7fU5PpDEtFfUZevm0kSn_e6Ca9-dR07E8uih8pJ_O3qhbAgAAAC1SAAAAAWgBB5kDoYMZIm4uQriPMnZW4NwMQ3zkgK6AfZ7eeRMGls7dis1IUna77CZtqWUMtb8y3gBUCvNQEiVe0y1fO2Htsz9QOhjezirrMsms8zUIMOM_llP_pCvBrsX_rasXP4FVnkO7FpMxWc5zZwoX-EXdHhEHijno7KF5iuXsy4Ab3_3NtlEK1eJUElM8zIKUFdlspqEDarqbyAdHP2f6z_ssZiDK3e_Yc1PQyG7ylH46A_VycyKjivRJW_2bqy7pS0BGDar-t_6IrAAq7AlH8xoSlxRaAJu8LHGvG4ifa-pjN0YyJiHb-t3kEPJTK0Bspu6bYYsnWysFxCmD7hqtX5ouA0R8LRkK0-uudyTVck-5BXfR76vGib3ViVyPX7j1ntKMP2am5cTD_UPB1ukliTrWcA1p4R2Zm12rKp31tVEk7zJBbddOZKUWe1QwslvIzOZFlUoyVJ39BrGccnuP-UnSy-lEG8kQIABaIW6_tneaNOR0k86ppZvFJTboirCnandBIjVz1ehZzLrLLnzY98YPKWOSvVt1RYD4rQz2GP_lEGsg_Y4sPYTZ5MErKkrf7ZZu77SufHxKYCjLZ2xpJCZfi-41hP_f8ZDyiBDSrb6ruBT8nGHFQpOP56f2Gr_6QM-ShwKeGdxEf3EHREA1xvRY5DTVaagkKvf_j_F_b1DOPr8xvEuAg2tdhENGGXlMOOHacLOIVlpV0B7WPqW0e0ifcwaVJD-zcdXqQz8Y8JQxqo9Mmn-XVBa5MOz7mCQaiZdCXug9vVI81Q5kDeeyxqaUPTueR6-nAJb1Syadz7ocPrWsHpFRQQHfA88hBKhiDqz0fRtsVGyd03J2HBDDiBnpphblPT3SPfIjQzVs9rcf8zL8nx_Y1v6RA5jQvTdJN9jnRps9OMwvVhJ-GKHCIxioRICyseprkANjRjw535-r1zhQyaA27fl4LOuRc9uiogx-YMncq-9tXDl3PnjaDsZPjPXpyxRd8YavpIhN1xJ7IUbSXNMqlDrL84qhkfbYEEHx2C7AGathYSlzdcw_ZJeIniPo42EjBGkTYpVikm1YXR0LhyAuKUVIAlzZa4dgBZg2DaIWow-t2s6zGoPLjqqa-MM4gFcTBEq6eFjLysLWzuOSWYlBpFC5TKa6D3zErU7rmWynh6sPAb5nwGUTTEdeNAPvDfVMzB6ze1J6F_10Z4MeJ3h2tCZhvRKtTjVfAYzfBEq6eo2FXtfR5-tk5oRKdomvYTDL

Requested by

Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 71ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Dec 2023 18:26:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOje6CJ74EQeoMlGW5PX-0g&google_cver=1&google_ula=862479430,0

70 B
364 B

149ms
133ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOje6CJ74EQeoMlGW5PX-0g&google_cver=1&google_ula=862479430,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOje6CJ74EQeoMlGW5PX-0g&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3634900500930897&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOLIfFonenQ0micrOKhJbcw64V2c06Hjqilk7XWoUgZS1KNbWQ5Db_CiNKg4hDzS7AgAAADxSAAAAAmgBB5kDC0v0Y5dCuit9IKV8XBTO_vr0q1BmAA1BbwY50leqmwgYu9Nm2dZRDtoKPk1nNbpiW24Rg_UI8V3UEEoNlp8fn6veD6NTyNr6FOfmc_ecvJxC7PKY99waCEqU54wJove25MOfah6DCDTSWSodUcxltbMIQCuIuLb2zyqY_lNTM1i3BHAVRy0lohBY95J8Rb7MaZPhQ2uSRqAzLX0JX4Yn_DEuwRG_-PPa_Y8cRpu9awKrr4LEolqOr00zH6rGf1Td8-6JlF8VSI3Ix6SPYwGYj8Q-gBLXcRT4gopjfHrsk_8nmke_JqTqQKsJC1jF5De2OyToqzzazXh-LTr_Rtze2IWPBIbYdIckG0mIr5KKz__53eZG1hbSoa5HUNVBTuQlBX6nvDWehDzpiK_bkLCOqcOW_0uTfdFAbLRd5-TUsnf65vqijj18-Dk9scmr2WM2WNXPcFMgBNdZD37tvziNHA8Vfor5gRafMUuZuK42sywveV7tPAqDslne8exikDLSKMB25Bf-y_x-KjFYSZa0Fxlk_X_-OoyEoHxb3gnLoWBqwZghmIoyNF54_HrXbulhGeTJoxVrT9srZ-ZkklSvIckCwMPt7g3a5GHrhJdQCoJ8gew1F2GA-ce-PhReI7CItJYmgU7qgs4lPOlLQ5Z1QCO5djqPzTg6RQhaLdeW95MAbdbD1LyaZqjeqecF6-tUiZS10Ryajaq1Z-qGs_rydnIZF61C62Pw72HJ4oPVlttjAFEJag6sbYSAfRyPOHewnN-5-MEEmbZMKWUk9nYM4IgqBBT4JOKPatr3NZZHwBHX-vNBTqoBx4-YGjqGXwT3q0mVX6O8UTTo98IBdRAfb1zpM65krpKhvGz0e_8caOWkeqMsy0y_qOEplrWs1JahMpd-SRyFXk8ZWtT2ISoeB3am0NEODLEWXZKBQtlS0tSAOqe30m4wX6Lrgik-fJxBUKyzDN1t1u0IS04zMagFr2SZSRlYzIF3Dfr85v8vYIk3qsEdQRcqvo7xx9FY6Pse_zdc-TVKMAhN3ys1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 tag236615 Show response
ads.revjet.com/ Frame 877F 245 KB
40 KB 48ms
47ms Script
text/javascript 167.235.3.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236615?_plc_id=111756833&_key=a27&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVNtf79SFZditM9z2x_AP2ruMoAGy5YC9dIijr93pEejQ74CZAhABIP-7vpcBYJUCoAG5rJCLKcgBCakCfs0NW4d9sj6oAwHIA5sEqgS1Ak_QNQKF5CPHYVFKJRQlBi4fzH6zRHQ3s7u9gb00IaMOJqIQ5lXKdYd4Zn7ibZs2F6J4DOWblOlqa6Fyj50KXRfQC1PAc9hCRIE9v0T8JUcRDyuupkJIiGfGYoVIaJK95BnBIXCU34uzvtFjMeDLEyY1PcIE7T4bH9cv9EjAFPFxS4xGmJ2VumammWZry7iN_ki3gvIsxTPDdjGgutiKR_S4S4VNRP1-ERJTW_f7NVWYic-8ca2KB0Pp6e5QwSDtbB1mqlUYv9m1wjfgiJDQZCDeY6MFBRl_lWaM2oSTuKPynvfp4AtvO46OpbuA4PQqYfewrdUHkc44sc9dz1nPCHXbV4j6cRpfwL3svaj-n1p6LRxBHFxeDqg_HHKTlnfMexKva6xylHpZjt9ZBCWJu8tI6nyvqcAEsPmJz7oE4AQDiAW8v4rWS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljD-57j1aODA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIoJ-f49WjgwMVXPsRCB3aHQMUsBOg5-wV2BMNiBQF2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_GAfufEugLiD8lueJzukRG5E2dqdQzI8S-TrSZnvRVbL7HW1hPG-swtnId1I8TzeaYmQZsZGlSxgB%26sig%3DAOD64_0kofwN-DqOHm1VB1dlLb4BpVqDpQ%26client%3Dca-pub-7720745209849945%26dbm_c%3DAKAmf-DGA49XaCCBpNr4gBQkSYY24ydmudPRpryc4iUTSzSVEjXM_cHeJ_oeYVHHRFL23BTnA8MdfURCeCMLHAFyUmgm1ipkk-ISXRbSvBcRRupnh2bSOLYgZd1rmOFkV8CZNbWXgnS9ErXyShqZHT_Pn2cEEp5PVJRix1S83yMGcXFX_L22Ei8%26cry%3D1%26dbm_d%3DAKAmf-AwiWsJsHZmNkA2UmDSyUzqIXZ_U7A1gnusyY9n3HBuygH15jP5NI24lhwBJgMP30ayA20wj02fugZVr7wYv-EQaXVsPxdflZMzVSYqvbw5VO2bAVyIMfjJTohz726ZpGL7sviJbpszihnXTN3pWFxdAA4xdXWHo4rngIMJre4iWmjvcb1TCckTyT5LO5evr8QUTFAYDHm_6tWA9A-Z-0BWtxOsX2aN39ZtCdDuhZsqNQz6cYw6Ok6ZgUc4S4xoHr-QsU-p7uF70EnW7sY7tWo5UjIkxbEJr4YtA_aM1FNpeqzaQrLztUg-jQwzEtwKiML6oEN_jY4V5UNVdHUCE6_Wba9SvAZ4XKkzuAnppxpqvHY0Tr7SxxYPUeEPExcX62TLAjXrNIjPyYuR4suckz4ruJFGqAs4WM0MyWgK7_tl49dOlMocrIlNMNUqH9LgTfySPOKmhw_oU7d34xTerWA9KrB0HlMNXwqjUZzQ4L-iapsmQV7yKGtoxoe1qpJk2U14cDdW9gJxfoyIc1GE4UVuCTWyTXjDOsbfGVuSJZbr-GsjrZC0ED5PufXY9gQwDQmgXDUc%26adurl%3D&dv360_cmp_id=20313186236&dv360_li_id=1013245245&dv360_crv_id=467097573&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fportaldocolorado.com.br%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=afb67b22341c128aec84_1703269616608&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2F4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fportaldocolorado.com.br&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1703269616610
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.3.44 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.3.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 2bdc83f62e8bbe08b28e164bf78b4b5fa21c595035445b8c9ced7bc489766756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56675
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 135ms
129ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=___de_1703269616226_1410576311&tJ=CA15795,CA15771&tQ=r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FEFD48565B806686902BCEC09&tX=b.52&tY=1&tZ=947331466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E1D9 167 KB
49 KB 134ms
68ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Origin: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:27 GMT
server: ECS (frb/669E)
age: 473
etag: "64ecabff-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Fri, 22 Dec 2023 18:36:56 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame E1D9 43 B
170 B 96ms
27ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=9036fe4792d3efa0987f73432f871538&__adt=8240603471525826162&__ade=1&vid=5110204610103462895
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame E1D9 33 KB
33 KB 23ms
23ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 75288
x-amz-request-id: 8T8PD5RMARCY8YYN
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: Vd1jngaF8ZkmrTSPvfpgvrobdckRUFDIQcC5EeKUDCwyykaBkF9jIfeEYLqfj9aTxR2U+P0Z4g4=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E1D9 56 KB
15 KB 27ms
26ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (frb/6712)
age: 257
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 22 Dec 2023 18:36:56 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame E1D9 3 KB
2 KB 41ms
40ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 70316
x-amz-request-id: 6TS3QTWM54T8CJJP
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: vUPJuPr7ZRG74UoqlVfN97nBOo/GGY8S3aAhokcd0A7XK0Bh2rF3Wmr3Fnrd7q4IphVW95+VKsY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame E1D9 632 B
626 B 44ms
43ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 75292
x-amz-request-id: VYX17WYPKEHM5CPE
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: v2T3OxBIt0WldyxUVHE21xCAhGCkcc1wS83ekJc9IQvYvkbl0/KxrLrG0XGe0eSKvsFnmgW7vrQ=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame E1D9 7 KB
4 KB 42ms
42ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 72957
x-amz-request-id: P218EPSDZSRCW8HA
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: Yyn4lJ8wpnuv+WAaYEsMxgAFoSfq9S4uZJkKegk7oJAwkdtq/nCWGi2h8hteJ0sMOo8C3B9n95A=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2

200

B29257362.357505518;dc_pre=CIyn2OPVo4MDFUmZ_QcdqZ0B_g;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1703269616638
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame E1D9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17032696...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CIyn2OPVo4MDFUmZ_QcdqZ0B_g;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

46ms
46ms

Image
image/gif

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CIyn2OPVo4MDFUmZ_QcdqZ0B_g;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1703269616638

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CIyn2OPVo4MDFUmZ_QcdqZ0B_g;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1703269616638
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame E1D9 470 KB
470 KB 77ms
22ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Origin: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 35748
x-amz-request-id: ECBYM0X51T64TZ9K
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: jun0HYw7aj3BlD6dIZRZodnmTTc+WdT+hVP0BH6BLgWvR9Zi/9mTFdnCcmFwBv1mApycRwuROpk=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6724)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame E1D9 33 KB
33 KB 50ms
44ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Origin: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 473
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Fri, 22 Dec 2023 18:36:56 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame E1D9 13 KB
13 KB 50ms
45ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
Origin: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 2121
x-amz-request-id: HS0SK60R4NAK4Y93
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: l/xZIXG5tEj/v8WMONlNjp6/zOkA0hbwI1LtNQiVfi2f0u8dHA2CYoJnaH88DKELhdsDheuPXiU=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame E1D9 286 B
459 B 24ms
23ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 75291
x-amz-request-id: 9M826FDKH0DM5W76
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: VCpDvweaWt0J0MbvJzWMBly03jSV2Tgq5W+TLJT6qX1GOYnuuBR0QcBM4MLihRT+Ud/WBEqmyyo=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame E1D9 43 B
169 B 55ms
55ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=9036fe4792d3efa0987f73432f871538&__adt=8240603471525826162&__ade=1&vid=5110204610103462895&__clstampdif=219&__stamp=1703269616910
Requested by: Host: 4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
URL: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 18:26:56 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 1666362721_uc
cdn.revjet.com/s3/csp/1702543642726/ Frame E1D9 66 KB
66 KB 24ms
24ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543642726/1666362721_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: a9233388d3fa0075594b32d17212ce961c588498493679d1fdd831bc597c1fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:56 GMT
x-amz-version-id: N61zeGbFz.58oXQqDvBCJrSN8L9HIux8
age: 34747
x-amz-request-id: K31QY83945AVCP5F
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 67613
x-amz-id-2: uVH3lYGsz+kQBB2MHthU+nbdgASvLsLpgP7VSgFHXfhfxlkXN/qULI38SoRD6afc9XhFPHcDGi8=
last-modified: Thu, 14 Dec 2023 08:47:24 GMT
server: ECS (frb/67AA)
etag: "027ccdd473427023b8566657997c8be1"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 23 Dec 2023 18:26:56 GMT

GET
H2 200 / Show response
info.nsmedia-advertising.com/ 143 B
586 B 120ms
48ms Script
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.nsmedia-advertising.com/
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/5377ff0f0f7d7c74680c2920cf8beda3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a61348cf65c3be213183bc6c9a2dcbcde7322cd8efcd1144414aa0cba9fdb97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:26:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVqMZwGPhSQ1l%2BKd0h7Jx2a9iKjDGsjrStNqL1PKF4LuGPVjrE5N0GtAAu9UENdUcGV8RHqVTDVzcXnehUgDN2VHhUxvLjqiiGAaUl4BqNGGi8icMWD44r91oBAxTI3P1DF%2F4sPCQnqJeEV5BiE9dvfi8r7UPBnxOQAn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 839a6a831f911c6d-FRA
alt-svc: h3=":443"; ma=86400
cf-placement: local-FRA

GET
H2 200 DE Show response
c.nsmedia-advertising.com/unibet-32red/ Frame 7642 678 B
644 B 116ms
96ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/5377ff0f0f7d7c74680c2920cf8beda3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: QW41vgSQDoEEP8Q=
cf-cache-status: DYNAMIC
cf-ray: 839a6a83c86c1c6d-FRA
content-encoding: br
content-type: text/html
date: Fri, 22 Dec 2023 18:26:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlBuRJiMY%2Fsy5RXFKzaNOnql%2BxzfH9TDrOaKR5%2BIYDEWAtPyRBIXQ1S9IcgR%2FDEwfkZ0b3n2DEgeFuemtKmEM75L0zzDC%2BkzDZmqx9zkclg5kcCBitm7uD9mcXvAwYWqRe3PlytT4JKdQy8ZvGOx3IoMO1Sf3RRT"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

404

btag=81765197_85632373F67C433FB63211A56CFEFDD4 Show response
b1.trickyrock.com/ Frame FABD
Redirect Chain

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664
https://b1.trickyrock.com/btag=81765197_85632373F67C433FB63211A56CFEFDD4

1 KB
1 KB

68ms
68ms

Document
text/html

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1.trickyrock.com/btag=81765197_85632373F67C433FB63211A56CFEFDD4
Requested by: Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 1245
content-type: text/html
date: Fri, 22 Dec 2023 18:26:57 GMT
pragma: no-cache
x-azure-ref: 20231222T182657Z-gk93rp59q94hr43wc5a1sp8man000000056000000000w597
x-cache: CONFIG_NOCACHE

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Fri, 22 Dec 2023 18:26:57 GMT
location: btag=81765197_85632373F67C433FB63211A56CFEFDD4
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 20231222T182657Z-gk93rp59q94hr43wc5a1sp8man000000056000000000w58z
x-cache: CONFIG_NOCACHE

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 877F 42 B
64 B 68ms
67ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsub7qKPnsXqA9L-pDe_LLdzdYwwlxCOIJ58jlcUG0YdBLHoo_mUitN_b9inLTEBssxOJ-xRmrWpGuju042Xhn6eS1nYYdLW4GAXcGqSwfz2Zv8E_2GKNB_xjZGndo9j5RPVJ7FqsuQTJUhabmWJusUi6wqB&sai=AMfl-YSXr18yRJadk4e5s0HRF54ehWSDlQrS4EFpH2X-q2cnE_h-6RSrOt8_L_0wuE4jlzbSzloxnYwRr07lZtrQwTrlNoSiaT0mCx1R9jVEInV8WvbXMAngmwUkGxR1&sig=Cg0ArKJSzDmaxWKQqEPgEAE&cid=CAQSPAAvHhf_GAfufEugLiD8lueJzukRG5E2dqdQzI8S-TrSZnvRVbL7HW1hPG-swtnId1I8TzeaYmQZsZGlSxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=223257348&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703269616178&rpt=194&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 877F 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=805120878389&version=m202309260101&ct=77&x=1&cor=2546763770820632600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame E1D9 43 B
169 B 27ms
27ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=9036fe4792d3efa0987f73432f871538&vid=5110204610103462895&__adt=8240603471525826162&__ade=1&latent=0&vis_type=8&__stamp=1703269617932
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 18:26:57 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 DE Show response
c.nsmedia-advertising.com/entain-bwin-de/ Frame C3BA 662 B
615 B 69ms
69ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/5377ff0f0f7d7c74680c2920cf8beda3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: QW42Diq2DoEEP7w=
cf-cache-status: DYNAMIC
cf-ray: 839a6a90087a1c6d-FRA
content-encoding: br
content-type: text/html
date: Fri, 22 Dec 2023 18:26:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQZXaLGBNw3Ol0cHsmERBc5Dr9%2FGI74X3TgX%2BxsANF4AjSFGrN23gJMpfeQKJvuD7PRWmPmcc4%2Bme2hlPDdMbXZsgqVOe34hkYS3JlScw7EgmZhRYAp2u4%2BnFss6W2mGE33JDuOvJ53hTawXNKb11E6LOPkO5MZN"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 contact
www.bwin.de/en/mobileportal/ Frame E25D 0
0 409ms
335ms Document
text/html 104.18.28.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bwin.de/en/mobileportal/contact?wm=5322937

Requested by

Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src *
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 839a6a90f9e08fe3-FRA
content-encoding: br
content-security-policy: frame-src *
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 18:26:59 GMT
expires: Fri, 22 Dec 2023 18:26:59 GMT
server: cloudflare
server-timing: vanilla;dur=247.0126
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JPC9Z9P3G&gtm=45je3bt0v882341509&_p=1703269613824&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=769172855.1703269614&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAK&_s=2&sid=1703269614&sct=1&seg=1&dl=https%3A%2F%2Fportaldocolorado.com.br%2F&dt=Portal%20do%20Colorado%20-%20Not%C3%ADcias%20do%20Sport%20Club%20Internacional&en=page_view&_ee=1&_et=2&tfd=7006
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JPC9Z9P3G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldocolorado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 18:26:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldocolorado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DE Show response
c.nsmedia-advertising.com/pinnacle/ Frame 46E0 690 B
783 B 164ms
164ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nsmedia-advertising.com/pinnacle/DE?l=906248c8-82d0-4af4-9b4a-2214bf41575e&token=28852275-01fd-49c6-819a-37603cd86759&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9wb3J0YWxkb2NvbG9yYWRvLmNvbS5ici8=&url=aHR0cHM6Ly93d3cucGlubmFjbGUuY29tLz9kdmM9ZCZidGFnPWFfMjgzMzhiXzE2NTgxY18mcmVmZXI9WEFGRjU5MDU=
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/5377ff0f0f7d7c74680c2920cf8beda3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f70d559adb9c2b5e08824564ffbdb80042b7e5dce10c69848fb2c3ea4f3a968

Request headers

Referer: https://portaldocolorado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: QW42YgDtDoEEJfQ=
cf-cache-status: DYNAMIC
cf-ray: 839a6a9c8f78bbf8-FRA
content-encoding: br
content-type: text/html
date: Fri, 22 Dec 2023 18:27:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSco6ROMQDLIY6ORw186beYM69PVZ2UN9Wt4OtAJ5sM2Rzm%2B14gDuasl%2FBHa0w3vwrruUbh%2FR4Gbf9N9gbEMP92Qk6%2BHTHs44bli5V2nt5O19KZeZZvNS5cpZBPR1tI8rkwrCgFwBr55ui3TT5cxb02aLAm4Flkr"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET /
www.pinnacle.com/ Frame 04BF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWwU0iJnRouFqiG_soLnH8d0HNP2eY72Yw-P1Ad2MrfmQPnRXJexBEC7sf5PQkrORRtc6WIVreVY0Hplnva9lwdIi6RSm7H0fkyoprkgMpviHVJovLCKeUmZM451a5NNrZSloelgxsM4qLqpIzAYd-BZ4p&sai=AMfl-YRo4grtpbUvGDHniFTfeztoDVVVLH0m9CUv1ktAhKbIIi5A5LVuF7XxggLGHnvffM3kMw-yVFjjHsDXk83Jj_yuiLZGHZf04TRbArq0eKBdTUAKAEKERPPs-pQY-YMr0byX9bchd-sSUe5XADzbrQ&sig=Cg0ArKJSzG2xfnBVkPavEAE&cid=CAQSTwAvHhf_48I_kA4QeNNAO5M6goSFYj_sEUfBFYcYNqzY8woV-ChW-mDw3nv-uoHbpkq4lTryf8UR72f6dRvARChIrfVeyqUp-eUjkZq5LQEYAQ&id=lidartos&mcvt=796&p=0,0,90,728&mtos=111,613,796,868,868&tos=111,502,183,72,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=223257348&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1703269615058&rpt=211&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhrP64tWjgwMViYqDBx1yxggXEAAYACC7nrBiQhMI47nb4tWjgwMV2G3gCh0CgAsO;dc_eps=AHas8cDmECJHCT7z285l5K-c_LIf2wH3GfJR-Gzp8HHXf_JQCzjywt1ivWYMV_DZuScMXQRLhU0Ceq0;met=1;&timestamp=1703269616145;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d&btag=a_28338b_16581c_&refer=XAFF5905

Verdicts & Comments Add Verdict or Comment

433 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.portaldocolorado.com.br/	1970-01-20 17:09:16	Name: _gid Value: GA1.3.299880378.1703269614
.portaldocolorado.com.br/	1970-01-20 17:07:49	Name: _gat_gtag_UA_192628768_1 Value: 1
.portaldocolorado.com.br/	1970-01-20 17:07:49	Name: _gat_UA-192628768-1 Value: 1
.portaldocolorado.com.br/	1970-01-20 17:07:49	Name: _gat_gtag_UA_192628768_11 Value: 1
.portaldocolorado.com.br/	1970-01-21 02:43:49	Name: _ga Value: GA1.1.769172855.1703269614
.portaldocolorado.com.br/	1970-01-21 02:43:49	Name: _ga_8JPC9Z9P3G Value: GS1.1.1703269614.1.1.1703269614.0.0.0
.portaldocolorado.com.br/	1970-01-21 02:43:49	Name: _ga_N254Q8C0NW Value: GS1.1.1703269614.1.0.1703269614.60.0.0
.portaldocolorado.com.br/	1970-01-20 17:07:49	Name: lotame_domain_check Value: portaldocolorado.com.br
.criteo.com/	1970-01-21 02:29:25	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:29:25	Name: uid Value: 4318a664-7afd-405a-a00d-e598d82b06dc
.portaldocolorado.com.br/	1970-01-21 02:29:25	Name: cto_bundle Value: McM4-V9wRFNJRWt4bXZneFlJMTRwZGtQS1Z0ODIxRVFkSXJLVHI3dHYybmpvWmwlMkY5MXhNVUNOS21aTkdPSUNTZkNCSzVkVkElMkJYblRhN25GbGNnWTF2R2YzZFJualVZdDVMNVpXU01wOG41OFVYb2h1YXd4UGZ6WHolMkZKM1IzMTJhYk0lMkYwQ05aWFBhVldXcU53dmo1VGt4RGd4a0lHNldocHJwSERkSFloanZKa1p1USUzRA
.openx.net/	1970-01-21 01:53:25	Name: i Value: 3486b3a3-c0ea-45b5-8396-93e5bffa61f4\|1703269614
.portaldocolorado.com.br/	1970-01-21 02:29:25	Name: __gads Value: ID=8cad2c041fc318e2:T=1703269614:RT=1703269614:S=ALNI_Mb3k6O7kFhuAt058LARO_AauiMaPQ
.portaldocolorado.com.br/	1970-01-21 02:29:25	Name: __gpi Value: UID=00000d25ca7039a0:T=1703269614:RT=1703269614:S=ALNI_Mb1RDFqWLv37JfuF1xXmFGYJItACQ
.doubleclick.net/	1970-01-21 02:29:25	Name: IDE Value: AHWqTUl79x73eaQDMeJf3d568k62UxRJEIuIL8chGjP4zwy-dDFYYg9NLEuxtia_
.doubleclick.net/	1970-01-20 21:27:01	Name: APC Value: AfxxVi7CwaolfdvLuMxdCi00_h8pEEchRXBN-xXZP5nBKrhOuQEumg
.ad.vsrv.media/	1970-01-21 02:43:49	Name: uuid Value: 214a9bf4-5413afb7-6585d4ef-3ca0-8241b0ce
.adnxs.com/	1970-01-20 19:17:25	Name: uuid2 Value: 935125915975845209
.casalemedia.com/	1970-01-21 01:53:25	Name: CMID Value: ZYXU79osQauLkBJje0ee5QAA
.casalemedia.com/	1970-01-20 19:17:25	Name: CMPS Value: 3385
.casalemedia.com/	1970-01-20 19:17:25	Name: CMPRO Value: 3385
.adtriba.com/	1970-01-21 02:43:49	Name: atbgdid Value: 685f8ae8-c794-4fcb-a285-ade5c5dc45fd
portaldocolorado.com.br/	1970-01-20 17:07:51	Name: tt_c_vmt Value: 1703269616
portaldocolorado.com.br/	1970-01-20 17:07:51	Name: tt_c_c Value: direct
portaldocolorado.com.br/	1970-01-20 17:07:51	Name: tt_c_s Value: direct
portaldocolorado.com.br/	1970-01-20 17:07:51	Name: tt_c_m Value: direct
.portaldocolorado.com.br/	1970-01-20 19:17:25	Name: _gcl_au Value: 1.1.1896554657.1703269616
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:51:01	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=
.t.tailtarget.com/	1970-01-21 01:53:25	Name: u Value: fwAAAWWF1O9paAa4Cey8AgB=
.t.tailtarget.com/	1970-01-20 17:10:42	Name: _ssc Value: y
portaldocolorado.com.br/	1970-01-21 02:43:49	Name: _ttuu.s Value: 1703269615919
portaldocolorado.com.br/	1970-01-21 01:53:25	Name: tt.u Value: 0100007FEFD48565B806686902BCEC09
.t.tailtarget.com/	1970-01-20 17:51:01	Name: ttbprf Value: ___de_1703269616226_1410576311
.t.tailtarget.com/	1970-01-20 17:07:51	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:51:01	Name: ttnprf Value:
portaldocolorado.com.br/	1970-01-20 17:09:16	Name: tt.nprf Value:
.adnxs.com/	1970-01-20 19:17:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?lt#$h(!]taT8i_iqf!oN/@E'zz<Z0QZqMZRlgckK^@v0ef@b-p`.vq9Ms/($2$XV_TD._PlZ[C[-kX-IfFTh
.3lift.com/	1970-01-20 19:17:25	Name: tluid Value: 4370426403915624129764
.doubleclick.net/	1970-01-20 17:51:01	Name: ar_debug Value: 1
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:07:53	Name: ttca Value: CA15795,CA15771_1703269616
.adform.net/	1970-01-20 17:52:28	Name: C Value: 1
.de17a.com/	1970-01-21 01:46:13	Name: guid Value: 1.6896466761418801622
.adform.net/	1970-01-20 18:34:13	Name: uid Value: 6976653244903840141
.turn.com/	1970-01-20 21:27:01	Name: uid Value: 2729541465520268172
.revjet.com/	1970-01-21 02:43:49	Name: trx Value: 5110204610103462895
.revjet.com/	1970-01-20 17:09:16	Name: ads Value: 9036fe4792d3efa0987f73432f871538
.t.tailtarget.com/	1970-01-20 17:51:01	Name: tp1 Value: CAESEOje6CJ74EQeoMlGW5PX-0g
.t.tailtarget.com/	1970-01-20 17:51:01	Name: dc Value: 1
.t.tailtarget.com/	1970-01-20 17:51:01	Name: n Value: 1703269616
portaldocolorado.com.br/	1970-01-20 17:09:16	Name: _NS_nbrePageViews Value: 1
.trickyrock.com/	1970-01-21 02:43:49	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a74444021%2c%22BID%22%3a34664%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1703269617483)%5c%2f%22%2c%22CookieTag%22%3a%2234664744440219c46%3a486e%3adc6c%3a1101%3a2%3a0101%3a06b1%3a1002C202312221826%22%7d%5d
.bwin.de/	1969-12-31 23:59:59	Name: isLanguageChanged Value: false
.bwin.de/	1969-12-31 23:59:59	Name: lang Value: en
.bwin.de/	1970-01-21 02:43:49	Name: dark-mode Value: 1
.bwin.de/	1970-01-21 01:53:25	Name: skipUserLanguage Value: 1
.bwin.de/	1970-01-20 17:51:01	Name: trackerId Value: 5322937
.bwin.de/	1970-01-20 17:08:04	Name: trackingAffiliate Value: 5322937
.bwin.de/	1969-12-31 23:59:59	Name: vnSession Value: d486dcb2-d18e-4310-b6e5-aa8071133af8
.bwin.de/	1970-01-21 02:43:49	Name: usersettings Value: cid%3Den-US%26vc%3D1%26sst%3D2023-12-22T18%3A26%3A59.6376156Z%26psst%3D0001-01-01T00%3A00%3A00.0000000Z
.bwin.de/	1970-01-20 17:07:51	Name: __cf_bm Value: AdkCwp1OzndwYBxlnBtLXRQEPG6XeVqaYqN9yX1a1_g-1703269619-1-AVPcnvr+37H0wYpuA7jSBvJFrIfg8on206oLcnHvmbCmgZO1WOIovZY2xOMsO3Xxay0LtrQwrfsXadwLVPKuJfw=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b1.trickyrock.com/btag=81765197_85632373F67C433FB63211A56CFEFDD4 Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.bwin.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c85047412999262b3c7bb5117063629.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad.vsrv.media
ade.googlesyndication.com
ads.revjet.com
b.t.tailtarget.com
b1.trickyrock.com
bcp.crwdcntrl.net
c.nsmedia-advertising.com
c1.adform.net
call.cleverwebserver.com
cdn-ima.33across.com
cdn.pn.vg
cdn.revjet.com
cdn.taboola.com
cm.g.doubleclick.net
cm.t.tailtarget.com
d.adtriba.com
d.tailtarget.com
d5p.de17a.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
info.nsmedia-advertising.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pix.revjet.com
pm-widget.taboola.com
portaldocolorado.com.br
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
scripts.nsn-server.xyz
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tpc.googlesyndication.com
tracker.myth.dev
tt-9964-3.seg.t.tailtarget.com
ui.cleverwebserver.com
www.bwin.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.pinnacle.com
ade.googlesyndication.com
pagead2.googlesyndication.com
www.pinnacle.com
104.18.28.137
104.18.35.167
13.248.245.213
142.250.185.134
142.250.185.194
151.101.1.44
157.90.6.85
167.235.142.248
167.235.3.44
172.217.16.194
172.64.151.101
18.239.18.33
18.239.83.58
185.89.210.90
192.229.233.6
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.168
2600:9000:2204:d000:1:825a:8300:93a1
2600:9000:25e8:6c00:1b:5138:8a40:93a1
2604:4500:6:3e3::2
2606:4700:20::ac43:4637
2606:4700:4400::ac40:919c
2620:1ec:46::45
2a00:1450:4001:802::2004
2a00:1450:4001:808::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9a
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
3.66.143.165
34.102.146.192
34.102.185.99
34.120.107.143
35.201.123.184
35.244.159.8
37.157.5.132
51.89.9.252
54.216.91.216
03fc48c7c742ed50bf4e82ec9e205bed0f2ac080baf4d691fb3c40c1f690c49a
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08ef8089f069fa8bc17173e97efb724e2282125d71214a1c098cbde6dfcc4388
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf6bf72b4b0419a38e7fe16e49283fc31208d03afc964d7f3c97fba32f9cc46
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
15b691c2e632de06f173ead6b48ec48f568c32ac5237fa326da29bbb61cbbfff
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21
1a6785aa7c847592abd5f5e6ac5e6eb90bafcbea6cecd1f25deef134f7310a0a
1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3b38e60ccd3d8c58a1f8a50f386f0df2d445d05ee50af31d3b214534cd13e9
1e3facc77bad4927bc0d9ffc3e0fc11b0f9710609141472bb3155e423ff5877e
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
222cc41865899f54d1766b174b5fbb28ad57109b6fd9e5096344b8639d389d29
22dc6e8f6313283486196a2ec8befda54a3f751658ba2d2e6a1fe715497d4f54
24e3591a56b8a1eb15ea6334f1231f656c0e5897aeb37b10e8718ca7865486da
2535850be8318ff6ac726594b988a01a7797680e1a3806738f43f45a6df481ad
261c01ae55738d38d2f781b8b1479b5180b1708ee7dae51bb4d5dda1a0c9ae1f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29b5d2cef459c28aaa90632d51fb301a3ef11f016696dfaf0b2d4e7bafce6d42
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bdc83f62e8bbe08b28e164bf78b4b5fa21c595035445b8c9ced7bc489766756
2ce4dbe53affd38066c68cdaa4c5413f552f53a5df076c96e20aab6aa1221c35
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
309cbbab863da6d93fa4a6b1e9b2e71e7dd9fb22ab803d71c1e2f19feef0883d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345834e2b518440bcf4b14132b641b856305a9ad79953753cf8104d503e4c793
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3f70d559adb9c2b5e08824564ffbdb80042b7e5dce10c69848fb2c3ea4f3a968
415633abe775b5b0dd5deaf626a5e14cb4184328aa004bad66c88c95df3e6960
435bc3ed6fba1f122dec8f5261877048c6c8c4eea6fb424a8ebacd46bbbb2505
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45dbccb6e66e7e8fd25ded2574f81e9b2ac736170e8f30bcb80650436b9fd61f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae242110178976ed2f3c633bf370e995631a16f8549bb94e18c29b3c3c02b67
4b582a40acfe21c24681f922781086f4e76251c7c887922171c068a6f2ed2964
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d388b69577d270ad9a717e110026186945614ebd7adeec902b5f23a4738713c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5385a2b13dd93aa8b41ee8ff3113ff73e2d50f688b665dfa24f2ea1779220c13
53d4114fbd4b94de008401dc1381e75046f8273032b270dc1879dfd2d3ff8ce4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5ac47a193e449e746582c8675ca17677fd7b87ad8e99bac259a693e278029b1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4
612b427a81b19d61e9f794ba2bce0ab551ab170ec440bd7d26677b6bcbb7c83b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
652ff8c7ccdd5c34aa5062b6bc776c3416543c391c9d29ad81beec8a11a9d805
653ebf2b44f54b2a70873d44274f3658861d0a6f6e9195fd8b1bc903268aa730
66696301289bb698309eef01fd61feb60ad769c767c9c4819b66b00df2de1b3d
6a61348cf65c3be213183bc6c9a2dcbcde7322cd8efcd1144414aa0cba9fdb97
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6d2cd5a964582f8f77e411f80b4f40e8cc94bfd6797a291e1fe19292072c4395
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7
755fb6edd26e00462f0ffda5414c3514bbf19a5b7790221702660abd5e91cc95
7f539e2439f9e7b83cbe7ba37ecee57d4272ff651b94fe94542b67166c47cee8
81fd31218d43c0f9aeea6f8b7b2ac6cc15a6e238b163a1b170c9162096943d6c
86a15c2a4be68cc873e4ce4cef718ee5246e1a9591555963e3f9fd50bee48cb0
87c3f7e40ca17efea83f04790d4433e2d2c92988aeb5eb932fc837f2354abe0e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dc24554d764cc2c889a1ce7585f1cd2860f0977d8e7ba6e0938a441d2256751
92f38dea59de2f16088eedb2be7a7629b2929301be48781e85d32b60209746b2
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
971024fcabbed34f43dce04ea68405f93c7c077c9d402d0e3c64317028f55d41
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab18a90107dde9bccc4288659bfea319e56881ead32a017508980073461c1c3
9cc8665b302d1d2825601e39a90240ad96cffc00fe3d124d75a7a0e561901490
9e80b19b6cab66f1628cb036a8d49bafd68cdc8a89aa867d4f11fd72fb2f50cb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2c8a5073a4309961fa85c94b0c0786888b818ad9cd22c328d942cddbf42abe4
a3d53d514151dd5903f70536ac86fa896cf77e7237be24232d6782997d07eb5b
a4fbdbc1913690de5238470049e0baece17dcba47aa30c95e1b84b9d2dde5805
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a9233388d3fa0075594b32d17212ce961c588498493679d1fdd831bc597c1fb8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b13f354902d89d0e3e05f39fdda350346726bf42ab2f4abbcfed8fbf9ffd43ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1893412ff46c282d1768c2283eaadf4c504e46ffce1959c72ca00a72a9837fb
b6c82a7fd0522c08298af75f41b6c493b0565392eb8a346cc2a73dc58a3a7046
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c
bf23ba333203cb0ad4b8ffa45fcdb8568cc8e7f56d06cca2ee23a7753ce34f4f
c0224051d3f8ea122f7c7c2ef44066f18d8c747ece6538b17f76ab843313376f
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7e667eb1c245d6516dae4af9782c7c0086486037c7c1314eec086a8c12e7b9a
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca91c6ac20b0b0a76f6a91b2c8034a8d0aa585270e4bc756a14b57755e2365a2
cac7672d1f64050fa08de99e4a980782303deab7dc35baa3410d7781e49a1eb5
cc5f10851fa104ce0a133616ab32692652961c6ebbdcbddd818ccb9e0e19609f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d31b78c38c24f9751223f23da3dcf46142234f5f60ae812b6327e9e5a162ef7d
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db8fa4215453eebecbbd88a7d200767bbb66358b416785efba793a40a41974b3
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dc260b796df23f5dac9365c766aa33b5a24e817e4148a0dd0bc00b0e3a4e0fb5
dc72396070cce2a1bce27ac5602a80c18dc92e21cb967ee90208c7bdd51a74d9
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd74478303af5d5d55480bd013766f7d6ebecfcadd964516f01c2858f427c153
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e474756dd68106a97d0b0e1f65b546346399379e8854f2f9f350bcc517485263
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e96950ca278c32988d3c2b3036816db5fee252d71fe5e996c71be1ee1253826f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ec6121cc4fca6ce6840ce5491f5517c7a468ac19a063cac9d121b2019813964b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1da5335bc498712116acbcdfd66674e07b39dd66d65177de7a6b8c548b3cad
f20c6a72bf6f42933559c5d3bbfd936b6c3988b7d490b7eeb611c3088097a708
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f5cd36ecbfc9bb345e326d65a5bc3f899de2633b0f1ca50e6706684ef65e6539
f5f2afa67ecb1062f8cf97544f21dd5b45631ccf2a586158d02b824b405013c0
f680f6349ba0aaed299c56975d2821da5902c60d6ee4de84c30d656541fe035f
f868a810ac6e54ae51ccf2828f623337fb99036eb64d73a7a517f7534297b3e6
fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b

portaldocolorado.com.br Open in urlscan Pro 2604:4500:6:3e3::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

216 Requests

89 %HTTPS

50 %IPv6

40 Domains

66 Subdomains

48 IPs

9 Countries

4266 kBTransfer

12038 kBSize

60 Cookies

16 Outgoing links

Page URL History

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portaldocolorado.com.br Open in urlscan Pro
2604:4500:6:3e3::2 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

89 %
HTTPS

50 %
IPv6

40
Domains

66
Subdomains

48
IPs

9
Countries

4266 kB
Transfer

12038 kB
Size

60
Cookies

216 HTTP transactions
4 data transactions