www.redegalera.org Open in urlscan Pro
2606:4700:3034::6815:4e4b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Submission: On March 18 via api (March 18th 2021, 7:21:09 pm UTC) from BR

Summary HTTP 193 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 21 domains to perform 193 HTTP transactions. The main IP is 2606:4700:3034::6815:4e4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.redegalera.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2021. Valid for: a year.

This is the only time www.redegalera.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2606:4700:303... 2606:4700:3034::6815:4e4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::681a:11a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	45.33.24.119 45.33.24.119	63949 (LINODE-AP...) (LINODE-AP Linode)
2 21	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	172.67.198.145 172.67.198.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.225.64 52.218.225.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:d76d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:1400:b:8c20:bf40:21	16509 (AMAZON-02) (AMAZON-02)
2 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
193	29

27 2606:4700:3034::6815:4e4b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.redegalera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:11a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.33.24.119 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: f1.placeholder.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f11c:8183:face:b00c:0:25de (United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.198.145 (United States)

ASN13335 (CLOUDFLARENET, US)

press.hotfix.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.225.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d76d (United States)

ASN13335 (CLOUDFLARENET, US)

widget.vupler.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1400:b:8c20:bf40:21 (United States)

ASN16509 (AMAZON-02, US)

d3lopmpcew67el.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	538 KB
27	redegalera.org 1 redirects www.redegalera.org	3 MB
21	facebook.com 2 redirects www.facebook.com	834 KB
14	doubleclick.net googleads.g.doubleclick.net	102 KB
13	ampproject.org cdn.ampproject.org	237 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	309 KB
11	popt.in cdn.popt.in display.popt.in app.popt.in	77 KB
11	googleapis.com fonts.googleapis.com translate.googleapis.com	101 KB
9	cloudflare.com cdnjs.cloudflare.com	300 KB
8	google.com 2 redirects adservice.google.com translate.google.com www.google.com	3 KB
5	hotfix.com.br press.hotfix.com.br	51 KB
5	placeholder.com via.placeholder.com	8 KB
3	googletagservices.com www.googletagservices.com	99 KB
3	facebook.net connect.facebook.net	64 KB
2	google.de adservice.google.de	1 KB
1	2mdn.net s0.2mdn.net	23 KB
1	cloudfront.net d3lopmpcew67el.cloudfront.net	94 KB
1	vupler.dev widget.vupler.dev	1 KB
1	unpkg.com unpkg.com	5 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
1	googleadservices.com partner.googleadservices.com	644 B
193	21

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org www.redegalera.org tpc.googlesyndication.com pagead2.googlesyndication.com
27	www.redegalera.org	1 redirects www.redegalera.org
21	www.facebook.com	2 redirects www.redegalera.org connect.facebook.net www.facebook.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.redegalera.org
13	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	www.redegalera.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com cdn.popt.in
9	cdnjs.cloudflare.com	www.redegalera.org cdn.popt.in cdnjs.cloudflare.com
6	fonts.googleapis.com	www.redegalera.org googleads.g.doubleclick.net cdnjs.cloudflare.com
5	www.google.com	2 redirects googleads.g.doubleclick.net
5	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
5	press.hotfix.com.br	www.redegalera.org
5	via.placeholder.com	www.redegalera.org
5	cdn.popt.in	www.redegalera.org cdnjs.cloudflare.com
4	app.popt.in	www.redegalera.org cdnjs.cloudflare.com
4	www.gstatic.com	www.redegalera.org translate.googleapis.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	connect.facebook.net	www.redegalera.org connect.facebook.net
2	display.popt.in	cdnjs.cloudflare.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	d3lopmpcew67el.cloudfront.net	cdnjs.cloudflare.com
1	widget.vupler.dev	www.redegalera.org
1	translate.google.com	www.redegalera.org
1	unpkg.com	www.redegalera.org
1	s3-us-west-2.amazonaws.com	www.redegalera.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
193	28

This site contains links to these domains. Also see Links.

Domain
translate.google.com
web.whatsapp.com
bit.ly
webmail.redegalera.org
www.facebook.com
twitter.com
www.instagram.com
youtube.com
www.hotfix.com.br
www.poptin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-18` - `2022-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
via.placeholder.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Frame ID: 92E0E0A442037CC5BD71EEA81F517490
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 1446BEB73E74FCE635114193A2004C07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&adk=1812271804&adf=3025194257&lmt=1616089419&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&ea=0&flash=0&pra=5&wgl=1&dt=1616095246421&bpp=14&bdt=234&idt=87&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=934992807306&frm=20&pv=2&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109
Frame ID: 8FF4DD6E0DDD1BFFA120268A033A76A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92
Frame ID: 81BF99E4CAF7C0A0BDF6D0449F11120E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7
Frame ID: ED1E01717E92051D8689A46BA5C9DF8A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16
Frame ID: 03EC872C909FD730F26C1D2C3E42A992
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5
Frame ID: 169CCD40E03F828E8BEA5B3579BD585B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3881d6f387b8%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&layout=button&locale=en_US&sdk=joey&share=true&size=large&width=200
Frame ID: 79C1FC814C185DDB8531AA11800FF07F
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width
Frame ID: 133DB46D1AB65FA51BE73191F7489E33
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html
Frame ID: 308CC084908EEEE5A79747CC0D89B57C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CsECTDqhTYKLFPIyzlgSd5IzYArikz8RfjJnfgZ8Nl7vk5PcXEAEgu4ORK2CViriCyAegAfjE3-EDyAEJqQKzlX2cHgO0PqgDAcgDSKoEkAJP0AfmFg7KIHEyuvKZ4wKvkE9hg33k4oUS74taENaE2m79IGscGiWwqRSDTmASw8GceL-aBJ70cYFjbnXiDE6WH7lKigil2rDgemsWP5pXCzfY-rjz6as94dDVdg2VoK9h8BbSZjAN_Sxy_2Up8EdY9HObj0bB13Of4KKHNu7g5OILDv67dQMtvtLajXNODNPEWAtXMlt3gvlrgilPwo25liP7WR4waPS4buQEZTUhvXsH6oISOJYcDvtJ8RdusAcW3c1jk-qAsmnFEfLTeXH1AlvmOiQV4QZ1eS-ynW4idx5ScHOa2x4zjRG-mYdBZbGOtQzO80JoZR4ZoEzoKM5duT2XHHkdy7UsYWMFRqRe18AEkLamyx2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH8LqgHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCxsSrSCAkIgOGAEBABGB-ACgHICwHYEw2YFgGyFxoKGAgAEhRwdWItODQ2NjM2NzY5MTEwMTc5Mw&sigh=0cTjJil63Xc&template_id=419&tpd=AGWhJmv8GJtlDO2-mPgMoRNL0RVvtwlB9guF1WQnU2dNDozh4w
Frame ID: 428E96098AF87576967DD4DA49DBA2E8
Requests: 9 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 92EE743A7C03456A8B65E701433D2F2A
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 0B0162407B5F45A82E2B166B1D3ABF18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html
Frame ID: E292774AA577D7B81F3E31E4B8D0CE85
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CFl7lDqhTYPXzMsfBbt-PrbgHgNHB7WHR_c33wA2OpPKM0wcQASC7g5ErYJWKuILIB6AB8J268gPIAQmpApC8EHHY_rM-qAMByANIqgSEAk_QKzO_kjHqP9gCSMpo0VI08QEnBobY66MxTAcOIHUSCeADoD4yVyN7drWuPAsmKOtiyr8DKxS2Oxs8YJzu5SzDXfhnRDFPT2W5Vhe02xPQ7M1AtGWpMReFalRGIDcwpNVKfJ1fNCFkowBaW0TfQ1jN5BPjGTQVy3rMqBQOMjl6Qp1gbYYJKZxJx8tQbFRVWk0hwIGGZuAcKnvAjKnAWJ99xlng5Tmf0HND3HKRrlYvRMrAGtjArThQRk9qySWP3FPI8kriq2eM7r4gqcvsCta4JcGn8hxf_wKmHWkQQdAMTrJb_z7mwZ7demKPmrKws4dTecOkMmERyJrRqS1CGJjHZyVWwAS2hdfveJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf44cUNqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENCaGdIICQiA4YAQEAEYH4AKAcgLAdgTArIXGgoYCAASFHB1Yi04NDY2MzY3NjkxMTAxNzkz&sigh=XIuNjJr0Z2Q&template_id=419&tpd=AGWhJmtYiYaMnDLnu58H0RfGgXcwuD2PAujugtLGoBrtDbniog
Frame ID: 77B1BF5CA5F808491D867F7E889C82C0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4CA689873F81945F62DC4CFA0D3CCD03
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6548F4060BEC9C70F4E6A654969C4C3E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B7CE4758B7406D744A7E90EB1F4B1264
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

193
Requests

100 %
HTTPS

86 %
IPv6

21
Domains

28
Subdomains

29
IPs

2
Countries

5988 kB
Transfer

11745 kB
Size

3
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?phone=&text=Ol%C3%A1%20reda%C3%A7%C3%A3o%20do%20*Portal%20Rede%20Galera*.
Title: Fale conosco via WhatsApp +55 (34) 9 9876-4005

Search URL Search Domain Scan URL

URL: https://bit.ly/2ZzHHqu
Title: News

Search URL Search Domain Scan URL

URL: https://bit.ly/3ultrjm
Title: Jovens

Search URL Search Domain Scan URL

URL: https://bit.ly/3qKGlFu
Title: Dicas A Dois

Search URL Search Domain Scan URL

URL: https://bit.ly/3bui68b
Title: Blogs

Search URL Search Domain Scan URL

URL: https://bit.ly/3sfE99q
Title: Contato

Search URL Search Domain Scan URL

URL: https://webmail.redegalera.org/
Title: Mail

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portalredegalera
Title: Compartilhe no Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/rede_galera
Title: Compartilhe no Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redegalera

Search URL Search Domain Scan URL

URL: https://youtube.com/portalredegalera
Title: Assista no YouTube

Search URL Search Domain Scan URL

URL: https://bit.ly/3dxle5K

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&hashtag=%23Tecnologia
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Locaweb%20compra%20fintech%20Credisfera%20por%20R$%2026,6%20milh%C3%B5es&url=https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Title:

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=*Locaweb%20compra%20fintech%20Credisfera%20por%20R$%2026,6%20milh%C3%B5es*%20https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Title:

Search URL Search Domain Scan URL

URL: https://bit.ly/37x0KXa

Search URL Search Domain Scan URL

URL: https://www.hotfix.com.br/criar-portal-de-noticias/?utm_source=www.redegalera.org&utm_medium=referral&utm_content=rodape_portal&utm_campaign=hotfixpress

Search URL Search Domain Scan URL

URL: https://www.poptin.com/?src=www.redegalera.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://www.facebook.com/v8.0/plugins/comments.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width

Request Chain 70

https://www.redegalera.org/imagens/200x200/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg HTTP 302
https://www.redegalera.org/hf-conteudo/uploads/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

193 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html Show response
www.redegalera.org/noticia/44/ 260 KB
42 KB 373ms
334ms Document
text/html 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3a8380e22bce35964d89367b446139d44ef5649f80b8a66d1653979513a4af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.redegalera.org
:scheme: https
:path: /noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d2fc5ad48dfd53af38add9d805d808eac1616095245; expires=Sat, 17-Apr-21 19:20:45 GMT; path=/; domain=.redegalera.org; HttpOnly; SameSite=Lax PHPSESSID=19e64d370e523c4b10f6e6c6b82639c7; expires=Thu, 25-Mar-2021 17:43:39 GMT; Max-Age=604800; path=/
vary: Accept-Encoding
pragma: no-cache
content-language: pt_BR
cache-control: max-age=93600
expires: Fri, 19 Mar 2021 19:43:39 GMT
last-modified: Thu, 18 Mar 2021 17:43:39 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
cf-request-id: 08e8618e1b00002b413d2f1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TlRvvXe0U7%2FQ%2FehOM4n%2BmfOad5ePyCiD9QxXPjVn6DCzTG3oGs82ba7Jfo1YaRvaJg3dFMrEg1SAOuAixtiUXyWWLNSDDm1Gq3x1Efi6Yj45aUd6sIMjcX3I5HJGXyA%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6320d1f69caf2b41-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
999 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900|Open+Sans:400,700,800&display=swap

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

568358777731489c907e6ca6f48d796e77169bc6eaf39c2f1ffa5685fec16a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 19:20:46 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:46 GMT

GET
H2 200 cores-categorias.php
www.redegalera.org/hf-conteudo/templates/the-big-news/css/ 11 KB
2 KB 429ms
428ms Stylesheet
text/css 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/css/cores-categorias.php?v0.19288500%201616085357

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558cdf8f85e407b9a3d6cb9d950a45dffcea07c248c9ee7912b957b7e925fc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861900b00002b4127908000000001
x-nginx-upstream-cache-status: BYPASS
last-modified: Thu, 18 Mar 2021 19:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rcdACSMykNn%2FFMN2leCaTkVWeAvbdyUsidCsf9GoH6Oartdz18HY446vzPTrQczU%2BxGjKBx2pd0V02LrMmYq2oA3dm92CzQOtGt3k2MWu7yfOdPCzjSwYGjIlRqRUlk%3D"}]}
content-language: pt_BR
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9aa892b41-FRA
expires: Fri, 18 Mar 2022 19:20:46 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 389769
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
cf-request-id: 08e861900c00002c2a62076000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ytG05hFvSBiYhOQiS%2Fz8%2F82wpNXjI7RQqiSmRvCra3BSWiID2uVHOSkXGBvmrJO3OwrBw1KntRh3BwI77cC23ssbrh0DwF4L57XCf%2FhCUOhpDTejzP3q6Hg%2B0tESUQrnXw%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1f9ae1b2c2a-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49785
x-xss-protection: 0
server: cafe
etag: 5737719656913929434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 19:20:46 GMT

GET
H2 200 pixel.js Show response
cdn.popt.in/ 153 KB
30 KB 53ms
27ms Script
application/javascript 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=6b41405704d27
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb789fe0ca90a5881706984306d879a96af22b327ddb8dba3ccebc040a1f366

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7053
x-cache: Hit from cloudfront
content-type: application/javascript
content-encoding: br
cf-request-id: 08e861903900000eab8cb59000000001
last-modified: Wed, 17 Mar 2021 15:20:39 GMT
server: cloudflare
etag: W/"a25aef4ecef8f2fc76f223555d0c6cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2FPonh6AosQVenIaQHnVT%2FHi30Lng2hb2aoKpasB55NAE8Hk2XGijYGjep68AeU%2B%2FZLQj%2BPPbPbpWXwl1nlrB1rCzKt7eEK0keLktR9rHc3SclHDLs%2BE7g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: 5h4X0SpAE8D.g2uGyUDtn_hGRlwyVW2r
cache-control: max-age=1800
x-amz-cf-pop: TXL52-C1
cf-ray: 6320d1f9fc950eab-FRA
x-amz-cf-id: TljsC7RKBWx9lK0de345xHfNuWYIobAzXUydbZaCmMF5zA_7-PBDwQ==

GET
H2 200 holder.min.js Show response
cdnjs.cloudflare.com/ajax/libs/holder/2.9.4/ 32 KB
11 KB 21ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/holder/2.9.4/holder.min.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3090452
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10392
cf-request-id: 08e861901e00004e2b4ea11000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9d-7e1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YvHAl%2FwOqv30mu7jjk27szlm8lUwUKe06AiZQWYCvd7%2FPfYyupyDrtTelxYtBZlI1o7Bevz%2BoAawrl9KqaSuH6nDb7RbeTwofcCBUennnYVcn7GpsPnXVJSwJ4aeoctJng%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1f9cb3c4e2b-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 hotfix-push.js Show response
www.redegalera.org/hf-sistema/assets/js/ 50 KB
9 KB 367ms
366ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-sistema/assets/js/hotfix-push.js?v1.5

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7260eb54a4cc86ec2e12c54e964248db114ac2fecfb71052d0dff13d6b7c6455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861900b00002b416501f000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DYLV8ZQBPEHrLxkZOlS1qrPJIw9qNAZcpa%2BhV25JA1SvVSS0I0xnhXzZVLgFotIKFDoCFBHHLEdFpkaAtvGkkcDQUOqTnLxezsfOoE8gd98wVk9mpdIvkQsQGrjkaX4%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9aa8b2b41-FRA
expires: Sat, 17 Apr 2021 19:20:45 GMT

GET
H2 200 logo_4a5224b9789481975a5b727487992499.gif
www.redegalera.org/hf-conteudo/uploads/layout/ 2 MB
2 MB 717ms
712ms Image
image/gif 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/layout/logo_4a5224b9789481975a5b727487992499.gif

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b39f20b8e9b35f47f890cdea5e200e1d919e0ce3eaf6a562b7d97732416c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2029074
cf-request-id: 08e861901e00002b4162059000000001
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 12 Mar 2021 18:01:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7zMEgsbf%2Bodqa5UNgtRKUjvQ8Y6pqYBhWxHD0UJwi9utGz5fnJLl541%2FglxWwguNieKuIzK09pksyVrpy71KcurDpKLoW%2BOfAjDwkdAME%2BXhfKhEGC9NahPOTwAbo%2F0%3D"}]}
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1f9cac82b41-FRA
expires: Mon, 17 May 2021 19:20:45 GMT

GET
H2 200 1_42a0e188f5033bc65bf8d78622277c4e.png
www.redegalera.org/hf-conteudo/uploads/campanhas/ 52 KB
53 KB 731ms
727ms Image
image/png 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/campanhas/1_42a0e188f5033bc65bf8d78622277c4e.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6880ad520e48455de61a85927c30ba2f6625cc03337272a673962d2dcdc35ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53472
cf-request-id: 08e861901e00002b414a2f4000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 21 Feb 2021 13:01:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZU%2Bf2cfYf8Kkw%2Fd7Mx1asXO8Y3RLHLHDabHq5kBew5PzuV3pbPSmHVqDRkztpwY78sDo76Be7FyAxOd33%2FGYmzbPNoQEqlC0afEAJWGKn1k8gNcCEtbZ69A5H8CiKs8%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1f9caca2b41-FRA
expires: Mon, 17 May 2021 19:20:45 GMT

GET
H2 200 44_f7177163c833dff4b38fc8d2872f1ec6.jpg
www.redegalera.org/hf-conteudo/uploads/posts/2021/02/ 225 KB
226 KB 728ms
724ms Image
image/jpeg 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/posts/2021/02/44_f7177163c833dff4b38fc8d2872f1ec6.jpg

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d11fc704b16c31ab02b83bd65d85792c82df7332005596924f74017f780b1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 230889
cf-request-id: 08e861901e00002b4179395000000001
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 19 Feb 2021 11:26:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GznGV9VsXi4IoT1JWaCz8fCmecpbxlbijFDWL1ElOoCMA4mN5o0npDYLUo3BJFF9DHa60s1%2BNhmPSJVmsUnRICxTdmJlNGS90UKXZ7nqFF7mfu%2FhnKh40h6nI%2FyPhiE%3D"}]}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1f9cacd2b41-FRA
expires: Mon, 17 May 2021 19:20:45 GMT

GET
H2 200 sys.js Show response
www.redegalera.org/hf-sistema/assets/js/ 10 KB
4 KB 354ms
350ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-sistema/assets/js/sys.js?v

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800e846c90f0cd73a53a42a05ad3e6b022972a791dbef2aa6d5360e7dfcae99e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861901e00002b4112337000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZawfXsTRMX%2FTvFtAXG8TFN8uYQgja9KppXjtrx3Ab1FbUKhsXGH%2BsjZwY9BIZtemixG7%2Fg3Wy3TOgcNa%2F7x0g%2FXk9aleeLnpEfF4erM0LzbNgPGf7gW4BWN%2FCLp0fkA%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9cace2b41-FRA
expires: Sat, 17 Apr 2021 19:20:45 GMT

GET
H2 200 Vupler-Narrador.min.js Show response
www.redegalera.org/hf-conteudo/plugin/Vupler-Narrador/ 24 KB
9 KB 16ms
13ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/plugin/Vupler-Narrador/Vupler-Narrador.min.js?t=1603142700

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61dc5334fab923214249e69e3f5322fa694b3126badfd633f4ca894b2716c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86686
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861901e00002b413517e000000001
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 18 Feb 2021 15:06:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6cmHS%2BTjTMNubWE4FNr0VQ8V9oTZkk%2FJQGFXIMiPOtHVzdVJ4PSbOthipFcoPv9e9eddv5sJqBEaB%2BgyBmv4u2U7tgZ080bjPLdtUU1YhqKMqU5Td4qEpco%2Bh5Yfq%2Bc%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9cacf2b41-FRA
expires: Fri, 16 Apr 2021 19:15:59 GMT

GET
H2 200 cookies.min.js Show response
www.redegalera.org/hf-conteudo/plugin/cookies/ 5 KB
3 KB 377ms
374ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/plugin/cookies/cookies.min.js?t=1613738194

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270d7e85127689d560dd0c1f08f9ac29ab25a84dba86f82dba6c3cdb66f923fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861901f00002b411daab000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GcFPn7H7HXCmXP9HBD64U6nEV1HCf0o3xCgyhRdbmLvlMWHcMmqJnEjwNYCtp4HqNgF1g5FKGILaCdIQH3SPprAjgwwXQtjE4vwb4hW0pHNkLq4CY0OlbTsFeDwi4Q8%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9cad02b41-FRA
expires: Sat, 17 Apr 2021 19:20:45 GMT

GET
H2 200 tradutor.min.js Show response
www.redegalera.org/hf-conteudo/plugin/tradutor/ 188 KB
18 KB 532ms
528ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/plugin/tradutor/tradutor.min.js?t=1615370170

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a2d25532aed736eae26e4285fda25c3cd9c357d5a50410455fc51fd6fe6055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861901f00002b41059f3000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SZTbmlyzIxa6V8mq2eGlAZQ0b1eY3twz1XHInVxCZWyaDgMibNi07kkckul8bMG3Df4SjNIPJ%2Fo%2FHqvPJpEzl%2Bn5hzzghxcA3nzMxvNaUowD8Ts9UpMwBr%2BuX6Azs34%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9cad22b41-FRA
expires: Sat, 17 Apr 2021 19:20:45 GMT

GET
H2 200 sys.js Show response
www.redegalera.org/hf-sistema/assets/js/ 8 KB
3 KB 20ms
17ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-sistema/assets/js/sys.js?v31328

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f66be9bb767d1aeb8439b170544830a2041dbfbdb82e4d1b574175634f778b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86686
cf-polished: origSize=10298
x-server-powered-by: Engintron
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861901f00002b410f2f7000000001
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w38J%2BdDuPo0bE1glaQhrMxijVztgu6fIXcYW6bLgZ7MzodRTMdEu0CzzD6Pcxdy0fzxd8MD4TpzhdEXkZsxnGAEAd3zjHLqUrQ1Nkb3uFU6z%2F%2Fo%2F3j3A6KwsggD%2B0BU%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1f9cad42b41-FRA
expires: Fri, 16 Apr 2021 19:16:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6570577389b4c6c0b8899e8bc36b7ec1680d06f07258fb9898604b88b0e6e4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Y7dJuB0+Ouj/1VoCcrZ05A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: V8AgdCrPzdCn3Ua06ILsA8MNukZDHychymL8C+EB5U4ifuBJpo41UR5TNx1JHWbaHViprYgt3fVkrexjt+JyNw==
x-fb-trip-id: 686109401
x-fb-content-md5: 474b186b0e889917786021efb493d327
x-frame-options: DENY
date: Thu, 18 Mar 2021 19:20:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "12bad6a3a14fc2befc14e4ea23c89720"
timing-allow-origin: *
expires: Thu, 18 Mar 2021 19:40:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

650b0e5f1fb0e1eaefe8199ee314fd53ef938da7f2764eee3341d16f8df02eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1Vba6HwYHtYY3ymvl6cdyQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 18 Mar 2021 19:39:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: oVASBt8mirugtrtoCeAH14k27+77qdpE1esAarIby1ikaSES6tPjm8DZO3OsVXKC3PXGZTx4V5ytjiXAwUEUcw==
x-fb-trip-id: 686109401
x-fb-content-md5: ab79a5195083f1425be9c9cdce39f2e0
date: Thu, 18 Mar 2021 19:20:46 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "764ee8a6ddd04c7eb2d0813012e38d36"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK /
via.placeholder.com/460x306.webp/FBFBFB/ 1 KB
2 KB 893ms
170ms Image
image/webp 45.33.24.119
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/460x306.webp/FBFBFB/?text=Portal%20Rede%20Galera
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: f1.placeholder.com
Software: nginx/1.6.2 /
Resource Hash: bd3fd3452c8e9e93b9d4fd9ba49cdb5a64af8256eb80240db0188a657542ed93

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:39 GMT
Last-Modified: Thu, 18 Mar 2021 19:20:47 GMT
Server: nginx/1.6.2
ETag: "6053a80f-596"
X-Cache: L2
Content-Type: image/webp
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1430
Expires: Fri, 19 Mar 2021 19:20:39 GMT

GET
H/1.1 200
OK /
via.placeholder.com/200x200.webp/FBFBFB/ 624 B
945 B 921ms
168ms Image
image/webp 45.33.24.119
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/200x200.webp/FBFBFB/?text=Portal%20Rede%20Galera
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: f1.placeholder.com
Software: nginx/1.6.2 /
Resource Hash: ed11a4bac2e4ddba2929e62c72b1e48ace2a1a125de7a39c055e73e1a3f91474

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:39 GMT
Last-Modified: Thu, 18 Mar 2021 19:20:47 GMT
Server: nginx/1.6.2
ETag: "6053a80f-270"
X-Cache: L2
Content-Type: image/webp
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 624
Expires: Fri, 19 Mar 2021 19:20:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2bbccf5edaf22192585cdc61624bd9fd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38bb04b5ac1c3090974efb006bc661a4dd7fdf84a35efcd24b5b5c6bf23ca869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Un9Kkg/KZFVkvVIPUBbkfA==
cross-origin-resource-policy: cross-origin
expires: Fri, 18 Mar 2022 16:51:26 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60835
x-fb-rlafr: 0
x-fb-debug: i0BvUx1fWHoZbSCC7ZECD614Nhz8bbU1cUAI1g3Zu19QgnQ0UU4tr9y1D+vJSu0+1nHqssY+GDdxxQbWZmfChA==
x-fb-trip-id: 686109401
x-fb-content-md5: 5771013bb460f12e14496750bb3bdaab
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Mar 2021 19:20:46 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f9514a0cbce3a3b575387d5f2fa73aa8"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592331141415391&ev=fb_page_view&dl=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&rl=&if=false&ts=1616095246406&sw=1600&sh=1200&at=

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Mar 2021 19:20:46 GMT

GET
H3-Q050 200 show_ads_impl_exp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 63ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_exp_fy2019.js?client=ca-pub-8466367691101793&plah=www.redegalera.org&amaexp=1&bust=exp%3D21066652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 19:20:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 1446 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 18:01:35 GMT
expires: Thu, 01 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 4751
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 12ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=6b41405704d27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1887743
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26909
cf-request-id: 08e861906f00004e2b2b3b0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YLqvnMUCFXDvzKh6w7XEOyPhCG1EeSp7%2FmnuK4IrQADfWG8ZHEOWyxB%2FLLu3UgxDH1bUyW0HkLO8a0zbd79O9gdVolnfLJF4wfdmbD%2BbtK%2B8VDPeMr0e6j0Y2PtRHTEJxQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1fa4c4c4e2b-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 _82aa4b0af34c2313a562076992e50aa3.png
www.redegalera.org/hf-conteudo/uploads/campanhas/ 78 KB
78 KB 665ms
664ms Image
image/png 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/campanhas/_82aa4b0af34c2313a562076992e50aa3.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1559d2f6f7f22630bbaea76a9ed27cf0f62e75c5ce4156699681d6fb1d314bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79629
cf-request-id: 08e861909f00002b412f0c9000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 21 Feb 2021 12:09:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9FftI2pNEzTsdH4a4AxBQXToSv3AzZZP2appc%2Fdqo4hqKOpEjBJcoU61ryODWRhgRsKGILY6eRRWgN%2F72DJdoFO9xE5Z6mBL6hl01rgO2vbWjE4mb6iYH15wyGWI7zg%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fa9c6c2b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H/1.1 200
OK /
via.placeholder.com/200x200.webp/97A085/ffffff/ 996 B
1 KB 887ms
152ms Image
image/webp 45.33.24.119
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/200x200.webp/97A085/ffffff/?text=BLOG
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: f1.placeholder.com
Software: nginx/1.6.2 /
Resource Hash: b9bd0f5ce3214ee3079b1c12ca15bc0c95a654d50001fa1a3953c925ffb14a03

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:39 GMT
Last-Modified: Thu, 18 Mar 2021 19:20:47 GMT
Server: nginx/1.6.2
ETag: "6053a80f-3e4"
X-Cache: L2
Content-Type: image/webp
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 996
Expires: Fri, 19 Mar 2021 19:20:39 GMT

GET
H/1.1 200
OK /
via.placeholder.com/200x200.webp/CB6F23/ffffff/ 2 KB
2 KB 912ms
150ms Image
image/webp 45.33.24.119
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/200x200.webp/CB6F23/ffffff/?text=COLUNA
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: f1.placeholder.com
Software: nginx/1.6.2 /
Resource Hash: 260faa7a47e14be75c8b3d39b9f615597ca6aa1b15ba9db1b9fbd0a79bc64864

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:39 GMT
Last-Modified: Thu, 18 Mar 2021 19:20:47 GMT
Server: nginx/1.6.2
ETag: "6053a80f-630"
X-Cache: L2
Content-Type: image/webp
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1584
Expires: Fri, 19 Mar 2021 19:20:39 GMT

GET
H/1.1 200
OK /
via.placeholder.com/200x200.webp/EE2C2C/ffffff/ 2 KB
2 KB 945ms
150ms Image
image/webp 45.33.24.119
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/200x200.webp/EE2C2C/ffffff/?text=BLOG
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: f1.placeholder.com
Software: nginx/1.6.2 /
Resource Hash: 107f0fd6ac399387e8aea9579582f4c45ed481230ed73600aa1d4d28ba19cf9b

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:40 GMT
Last-Modified: Thu, 18 Mar 2021 19:20:47 GMT
Server: nginx/1.6.2
ETag: "6053a80f-704"
X-Cache: L2
Content-Type: image/webp
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1796
Expires: Fri, 19 Mar 2021 19:20:40 GMT

GET
H2 200 _fa7cdfad1a5aaf8370ebeda47a1ff1c3.png
www.redegalera.org/hf-conteudo/uploads/campanhas/ 100 KB
100 KB 738ms
735ms Image
image/png 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/campanhas/_fa7cdfad1a5aaf8370ebeda47a1ff1c3.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d8a9a7af59277884fc49aa48d014a031a711355257fc0b45532103c4fd9cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101940
cf-request-id: 08e86190a200002b417c06e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 21 Feb 2021 12:22:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Ed8UcnbF5LqW0iv%2BN33UEJHx2aBTURPJ3GafPV6xst2RlkKAma7WS4p6OT7bDClpRzR%2F1xyXMRT%2FXYlWHtS8y5vIvLPv8dOMIem5zEaX8uc5yZWW8SRw0yPPKeOg0I%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fa9c7a2b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 favicon_01b66c5e74cc73ea5fc6783220e276b4.png
www.redegalera.org/hf-conteudo/uploads/layout/ 217 KB
218 KB 878ms
876ms Image
image/png 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/layout/favicon_01b66c5e74cc73ea5fc6783220e276b4.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afcd86a6e57a471b89009cdf2e52218a37bfa4bcd4301bc5dbc12027660c2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222345
cf-request-id: 08e86190a200002b41749fe000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 15 Mar 2021 00:25:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W4cdPhQQJNYWudxRZQ8fu7H2KQRihitxReWv%2FKAJk36IrUeHyeTWWXxS3hTHBcvlOd9oVzbmbrqm4%2B4ytiyrd9CYJKhN3SmrCFluA7y18KntkI0a6OcrzEbxFSHSVzI%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fa9c7c2b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 blazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/ 5 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/blazy.min.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2632351
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1735
cf-request-id: 08e86190a200004e2b1d1a4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LQLu1YE%2BvI5pPBGHbagmelpBMVFlqOR2HvlqgKbGXN04%2BC2gzgLpleUEUHFRINbNuBJGUL4FIT%2FI9b4oG5Z5UEboV2HADQpo%2F5EhxrtSe505yjd2WaAalnIVSWGdXvWseA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1fa9d154e2b-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 87 KB
30 KB 22ms
20ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/jquery-3.5.1.min.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86692
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a400002b4162064000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 23 Feb 2021 12:52:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8oOudb5lwTRyyU1ml7hl5shYlBvkRMRTRGWAtjHpthi7AnhqSqcaWXND%2BfAjLHh9uVdImx%2FRM%2Bn%2BHhXLbglS35yfB1t57YQ3hDfVrk9QaMEwI5j4sbGjSUQUXNd0H%2Fg%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fa9c862b41-FRA
expires: Fri, 16 Apr 2021 19:15:53 GMT

GET
H2 200 popper.min.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 19 KB
7 KB 370ms
369ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/popper.min.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a400002b4127915000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 Feb 2021 12:52:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LhbTGPtCSvE08V6O1964T6jGshYUVqZIH8EwgjDr7j7psY%2F1n7Iz4xj0NZMMkbVQBlQel0i6nlc1CqkBV3ciQY9Ff%2FZThwnP0DuylXxEbRl9xkxHcsGiNyFwGC1GLIA%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fa9c8b2b41-FRA
expires: Sat, 17 Apr 2021 19:20:46 GMT

GET
H2 200 bootstrap.min.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 50 KB
12 KB 376ms
375ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/bootstrap.min.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ad1f17fd55091c73ae0f5ac26584a3bc0dd8581a5390f73df780416d5973dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a400002b41249ac000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 Feb 2021 12:52:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVAwC%2BbR%2BUplf5mxcqR19x%2BDtEedzXuoqoFE597CQyi5IxUL7izA5rkbKsgZdz8yWtsj3mFWTpJDSBntFDm1%2FHtC%2FVvo89jOCpXxSc1AJuqeNM8ytL1v7jXIAz1B6j0%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fa9c8d2b41-FRA
expires: Sat, 17 Apr 2021 19:20:46 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 20 KB
7 KB 353ms
352ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/jquery.magnific-popup.min.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a400002b414292a000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 Feb 2021 12:52:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UDALIr8C0hwhUH33zLyU%2FDdnXSkapwY5YaGn1vsjla5G6x3nR1V4qb1dRWwGU1jGkvIGzJ83uEX85DsvPa7LKtbs%2Fjle2jTzC5zU7jOxhAOzQL%2BnHF63RKsW3SBHwYE%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fa9c8e2b41-FRA
expires: Sat, 17 Apr 2021 19:20:46 GMT

GET
H2 200 owl.carousel.min.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 42 KB
11 KB 378ms
377ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/owl.carousel.min.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a500002b4154a5e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 Feb 2021 12:52:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0q0W55ROnefIkyd14tEy1v7gPRnxDOIT7mh1IIINonvuiQJ3Own%2FQLkXRazfgJldVPsF%2BSg1vp48IHRGR9oVrudb54yKuTxyF8Ukft3vrBOALqIwNWIxIw9qMuiujbY%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fa9c912b41-FRA
expires: Sat, 17 Apr 2021 19:20:46 GMT

GET
H2 200 custom.js Show response
www.redegalera.org/hf-conteudo/templates/the-big-news/js/ 5 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/custom.js?v1.0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01971f986e350ed026d527853c4a9f8214738e014076ef696841670b06750e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86686
cf-polished: origSize=5638
x-server-powered-by: Engintron
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86190a600002b412dbe7000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 23 Feb 2021 12:52:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IPIRLOv3HJCdv1h20aejfMqTxBQwJW9Y80bW9PtAPT02fm4mInuZUwUjg5dxeN3VBNx6vMFywe0h0zZiR6xXyi%2FCtgHcs35do6yp4hKvGDiLkbVHjxleEmGIZ8oxeyA%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1faac932b41-FRA
expires: Fri, 16 Apr 2021 19:15:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
644 B 159ms
58ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.redegalera.org&callback=_gfp_s_&client=ca-pub-8466367691101793

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_exp_fy2019.js?client=ca-pub-8466367691101793&plah=www.redegalera.org&amaexp=1&bust=exp%3D21066652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d59ceeab9fd63605ede0475e96258bbbbbff4a6a3165bd2e2e85492b165db7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.redegalera.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
239 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redegalera.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FF4 12 KB
2 KB 108ms
94ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&adk=1812271804&adf=3025194257&lmt=1616089419&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&ea=0&flash=0&pra=5&wgl=1&dt=1616095246421&bpp=14&bdt=234&idt=87&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=934992807306&frm=20&pv=2&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41495884144d2fa3cb2912739e3fc01ac013b9fcc312c057db8559ed5b022f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8466367691101793&output=html&adk=1812271804&adf=3025194257&lmt=1616089419&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&ea=0&flash=0&pra=5&wgl=1&dt=1616095246421&bpp=14&bdt=234&idt=87&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=934992807306&frm=20&pv=2&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 19:20:46 GMT
server: cafe
content-length: 1235
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 19:35:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:46 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:46 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.6.2/ 386 KB
113 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.6.2/firebase.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2017 23:34:08 GMT
server: sffe
age: 13644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115681
x-xss-protection: 0
expires: Fri, 18 Mar 2022 15:33:22 GMT

GET
H2 200 favicon_01b66c5e74cc73ea5fc6783220e276b4.png
www.redegalera.org/imagens/512x512/layout/ 146 KB
147 KB 667ms
666ms Image
image/webp 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/imagens/512x512/layout/favicon_01b66c5e74cc73ea5fc6783220e276b4.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d462688d92eac8314e0099ef95d24d0d92ddae57571b756edcc9e915847304de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
content-disposition: filename=favicon_01b66c5e74cc73ea5fc6783220e276b4.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861918200002b412a365000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
etag: bcbc36d31edbee44745ed4233684d21b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uPaOUjRAjOVfMqnb7e7CaF5uKdTfqLzn%2BD1OopURdCep5EzX9hJIEXBimu7xUJFmggwS%2FYY2s0fBuAYFlhyF1BVZfPwe6W134O65p%2F%2FcjdCNSJ53CgLcz8nJzpujhM8%3D"}]}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1fc0ef12b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 206 notification-push.mp3
press.hotfix.com.br/_plataforma/audio/ 14 KB
0 396ms
290ms Media
audio/mpeg 172.67.198.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://press.hotfix.com.br/_plataforma/audio/notification-push.mp3
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.google.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
Content-Range: bytes 0-22150/22151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 22151
cf-request-id: 08e86192000000d879de883000000001
last-modified: Wed, 14 Aug 2019 21:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=don1cflhBmX%2Fl%2BUQ7ojwG9o1oHhykvp2jQ%2BajFj0qmY0kwgE%2Fdrrj89NYOkAjyWhH4PBBU9AIfVzkj%2F34tOeJ0jaxyvZnf6CCsmJlYqFwtmYt0jM"}],"max_age":604800,"group":"cf-nel"}
content-type: audio/mpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fccff5d879-CPH
expires: Fri, 18 Mar 2022 19:20:45 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900|Open+Sans:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 263114
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:15:32 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900|Open+Sans:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 62197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 20ms
18ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2632305
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77400
cf-request-id: 08e861918d00002c2a64816000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2lUSko%2BQcpFpgidHPpX50wdlwaW%2FTFEh8E9PY6XKN6BFs%2FO4T9jquJjj344L8lmx107K0uXmBcqXjfFrSNOfc4b3rOrHmAbnswqeyqaM8jzKXFGXIvPIZrs9QdkBHvrmgw%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1fc1a4f2c2a-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 13ms
11ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1888730
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
cf-request-id: 08e861918d00002c2a803ea000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V7TFdwrs7Zhup64gVU6S17OfApKa10E874z%2BNrcwu6ntMtf355vfQKfKFjPX2EGwShPQtL5v0aBmjzmrPCrQETkdpUyLLLPGrBrTRgpBv%2FXbRFV9rFJ4NqRc9ZqVR8SVXg%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1fc1a522c2a-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H2 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 13 KB
14 KB 19ms
18ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 605611
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13600
cf-request-id: 08e861918e00002c2a8eade000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-3520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9EubeDlyHLbT6G%2FZURY3p6JFB%2B1GLiRLjwytG3x9vrwa02ISI%2FINKMcdYDQkOxGfntPRfzeXfjx0uTUHPvTpIbZ5cBxdN8%2F3FPyswYAMbcenicbtk02Kt762ZbVCtvvq9g%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d1fc1a562c2a-FRA
expires: Tue, 08 Mar 2022 19:20:46 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.redegalera.org

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 44ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redegalera.org

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81BF 108 KB
35 KB 693ms
692ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55e21789822274f05888d684da800b3ef68a9f6bc9cc73a6e9ba5a2cbf3647ce

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWy8fjHuu8CFcegGwod30cLdw&gqi=DqhTYLa7MoexlgT2zLXAAg&layout=/sadbundle/%24csp%253Der3%24/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWy8fjHuu8CFcegGwod30cLdw&gqi=DqhTYLa7MoexlgT2zLXAAg&layout=/sadbundle/%24csp%253Der3%24/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 19:20:47 GMT
server: cafe
content-length: 35546
x-xss-protection: 0
set-cookie: IDE=AHWqTUmrDk1Ufq6ktGCNTvWMy-8ToNyHaYSpijHLDhHqEVdOQJH0Cy_kOyxdABkvLCQ; expires=Tue, 12-Apr-2022 19:20:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:47 GMT
cache-control: private

GET
H2 200 icon-push.png
press.hotfix.com.br/_plataforma/imagens/ 23 KB
24 KB 43ms
39ms Image
image/png 172.67.198.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://press.hotfix.com.br/_plataforma/imagens/icon-push.png
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ed52edd0ad164e1cea85578976351284e4c1238c631b3b3fe037986ef09860

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2549403
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23969
cf-request-id: 08e86192010000d879959fa000000001
last-modified: Wed, 14 Aug 2019 21:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aiHZGbg%2FaqEI7AQoxASPR8mt4r52T6qCgU0FSOka2snkTYCvg3y80Tx9cWf4iTD1LnPaCaapbGUta%2FODBxoKNZDTiNhkRyE3ziN5RlmpfbKwQ5Tm"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fccff8d879-CPH
expires: Thu, 17 Feb 2022 07:10:43 GMT

GET
H2 206 notification-push.mp3
press.hotfix.com.br/_plataforma/audio/ 14 KB
0 289ms
288ms Media
audio/mpeg 172.67.198.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://press.hotfix.com.br/_plataforma/audio/notification-push.mp3
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.google.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
Content-Range: bytes 0-22150/22151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 22151
cf-request-id: 08e86192170000d879eb03b000000001
last-modified: Wed, 14 Aug 2019 21:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0hBN1aIIQZU05YEaDv3J1HuRzOWvhI%2Bat8AI09rwtbZB5zPd0wg%2F1fNR%2FXTWyiqzvQ76MRtDnvN0JsjKcVTS1Pa3xcdhzNHnerVEJwm%2FNmUp6EYX"}],"max_age":604800,"group":"cf-nel"}
content-type: audio/mpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fcf831d879-CPH
expires: Fri, 18 Mar 2022 19:20:45 GMT

GET
H2 206 notification-push.mp3
press.hotfix.com.br/_plataforma/audio/ 22 KB
22 KB 295ms
294ms Media
audio/mpeg 172.67.198.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://press.hotfix.com.br/_plataforma/audio/notification-push.mp3
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819f9873e80cf405f9397a50bb69aa2b4bc68ef48905f072860a244533f2d086

Request headers

Referer: https://www.google.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
Content-Range: bytes 0-22150/22151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 22151
cf-request-id: 08e86192170000d879c31a4000000001
last-modified: Wed, 14 Aug 2019 21:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PlBgTkkDfSjhYTOLBtbWRwc2iF3o9NIq3UaByI956qt6QCudYlUic61Fa9qLrUJ79oRBXo9Z4eaIxIqbyFFyaxpfrZeOn65xUj7v4QawmK0H3FPl"}],"max_age":604800,"group":"cf-nel"}
content-type: audio/mpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fcf833d879-CPH
expires: Fri, 18 Mar 2022 19:20:45 GMT

GET
H/1.1 200
OK loading.png
s3-us-west-2.amazonaws.com/s.cdpn.io/355309/ 2 KB
2 KB 840ms
222ms Image
image/png 52.218.225.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/355309/loading.png
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.225.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c31eccc4277c6187543dcd0cf79f2852f4b990ad656f2551205ef43f445536ac

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 19:20:48 GMT
Last-Modified: Mon, 20 Feb 2017 10:03:27 GMT
Server: AmazonS3
x-amz-request-id: HP12GTXVRCH0PGF1
ETag: "7bfa3ff873955e8351a576d6eade4d77"
x-amz-version-id: null
Cache-Control: public
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2055
x-amz-id-2: K3H56kxr3NqGXjM4dBY7xzoLD2QuTwsGM9DYxM3AtUfHql4MQiRPGV57jcGv3D1VB3kM6qupJOA=

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900|Open+Sans:400,700,800&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 260939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H2 200 iframeResizer.min.js Show response
unpkg.com/iframe-resizer@3.6.3/js/ 13 KB
5 KB 31ms
14ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/iframe-resizer@3.6.3/js/iframeResizer.min.js

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/hf-sistema/assets/js/sys.js?v31328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f27aa99970684e01cd59500c87377712f710b71ec163dbbcdc5956caebf9b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7140165
vary: Accept-Encoding
cf-request-id: 08e861923800004ddcc52fa000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"33d8-kDwA1tQgUZBIvVSJ2NCU1rtRASM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 3f76830a546ad69f43f47f4679243e78
cache-control: public, max-age=31536000
cf-ray: 6320d1fd28864ddc-FRA

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED1E 49 KB
12 KB 430ms
430ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df3c09746aac355fa15bc52e27d5f9d94137c63abd037543c3d2ae2c0cddc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 19:20:47 GMT
server: cafe
content-length: 11735
x-xss-protection: 0
set-cookie: IDE=AHWqTUkTLzT9niZKvWbuyND1su3FEAiy5DJolpXlHtpnKDYs0_JiswmJWm0wUb-gvyc; expires=Tue, 12-Apr-2022 19:20:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:47 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03EC 49 KB
12 KB 515ms
514ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b587e079323833af363c354c232c566cb557792845d0b31a4d187bcb78eda3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 19:20:47 GMT
server: cafe
content-length: 11727
x-xss-protection: 0
set-cookie: IDE=AHWqTUlvk2jcmAClJeO6NvPI3b7VT9Qy503W7exsPcM3SF5nV-UtvZCVaRoZLIqjgl4; expires=Tue, 12-Apr-2022 19:20:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:47 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 169C 108 KB
35 KB 432ms
432ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b46a93dc35898f4c1cc854e393d5311f73794a39cd603b18ddd0d6e90182660

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKE-_jHuu8CFYyZhQodHTIDKw&gqi=DqhTYJjHO5HNbZj-iqAP&layout=/sadbundle/%24csp%253Der3%24/7881690677737347102/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKE-_jHuu8CFYyZhQodHTIDKw&gqi=DqhTYJjHO5HNbZj-iqAP&layout=/sadbundle/%24csp%253Der3%24/7881690677737347102/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 19:20:47 GMT
server: cafe
content-length: 35526
x-xss-protection: 0
set-cookie: IDE=AHWqTUnkhh-t9DD2TVStkYPVzWzxXSAGGMjr_WrK7es2e9nNDzpnLrSUkBo0_GB7KdE; expires=Tue, 12-Apr-2022 19:20:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:47 GMT
cache-control: private

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900|Open+Sans:400,700,800&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 84495
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H2 200 icon-cookies.svg
press.hotfix.com.br/_plataforma/imagens/ 13 KB
5 KB 46ms
46ms Image
image/svg+xml 172.67.198.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://press.hotfix.com.br/_plataforma/imagens/icon-cookies.svg
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf3ca4bfe99968fed627e3b77d8a704ddcf91fa3ad96482f35445437cb34f2b

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11855261
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86192a90000d87997ac2000000001
last-modified: Fri, 23 Oct 2020 07:40:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lLTHDPPfnjZ%2B6OBf7IHiaoRMZd%2BjJIKSWQl2bPELGTTFmkn4VTjWv4vndDpGtdLvIDTvSO5tvfl%2BgubIAgxVeGDlUOF6W9v%2BNcAcH0D4tPjxjAcg"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6320d1fdda01d879-CPH
expires: Mon, 01 Nov 2021 14:13:01 GMT

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 79C1 45 KB
15 KB 87ms
86ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3881d6f387b8%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&layout=button&locale=en_US&sdk=joey&share=true&size=large&width=200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2bbccf5edaf22192585cdc61624bd9fd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27d6f6485c7e1827d2c2336123eb4d7ac1107e89f0530c41c385ef3be3dd1186

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3881d6f387b8%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&layout=button&locale=en_US&sdk=joey&share=true&size=large&width=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0kSLRKHmU4qttdwoy..BgU6gO...1.0.BgU6gO.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: ihiX42Rxxy+0s21vBa/iiB/FM0oFXCUtRGDu0EK+eZd18bcxzEgYBL6e0wcimJyEpRTSyUe+KvYCvZIho2+HuA==
date: Thu, 18 Mar 2021 19:20:47 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2

200

feedback.php Show response
www.facebook.com/plugins/ Frame 133D
Redirect Chain

https://www.facebook.com/v8.0/plugins/comments.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.r...
https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.r...

212 KB
36 KB

109ms
108ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2bbccf5edaf22192585cdc61624bd9fd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48ab9f9d2502291b7f25d7f4211ab4af56f0f5a73dc8c9f3b819553f661aa056

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0kSLRKHmU4qttdwoy..BgU6gO...1.0.BgU6gO.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: I7IngcgcHlls8SpewCBatEf4D8uoi9uGJHVHvNMEimmx6zHvKAVMSYkennwZh+zJUJQuMqgu+bVBFL7S5MvPOA==
date: Thu, 18 Mar 2021 19:20:47 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: YFIdQrWpVTzTLWLu1fJEyPjfXZbxTtIoKCv/95lHSCtUieY3BRDiCbXn9/GlapqV7UYsA+K6q1/elxwNvoO+1Q==
content-length: 0
date: Thu, 18 Mar 2021 19:20:47 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 6b41405704d27 Show response
display.popt.in/APIRequest/ 2 KB
4 KB 292ms
269ms XHR
application/json 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/6b41405704d27?domain=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&referrer=&cookies=+poptin_old_user%3Dtrue+poptin_user_id%3D0.6y06viskl5t+poptin_referrer%3D+poptin_new_user%3Dtrue+poptin_viewed_session%3Dfalse&triggers=&cc=false&if_mobile=false&page_title=Locaweb+compra+fintech+Credisfera+por+R%24+26%2C6+milh%C3%B5es+-+Portal+Rede+Galera&origin_landing_page=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384bdf0c1426cda748e8d1c63fef8d82b6212c3c6c42f8ae7c2102fe2a554812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08e861932900002c2a379f1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LTJRSkg3nSMHpa2GM3Xja%2FVPscFK4%2F428447KUGBnqM5vFmHXs29raEophWIM6Q8kEvHKQZKYascsJ5oCiQSqpKb9at8IDyi3vB5MjE04F%2FMIg6iYqwRvnHVvnE%3D"}]}
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6320d1feaeeb2c2a-FRA
access-control-allow-headers: Origin, Content-Type

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/hf-conteudo/plugin/tradutor/tradutor.min.js?t=1615370170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

1d9cd4531140833610eb82e4b87d7935ea80c53fdfc608eb9f07b9325a8aa5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1884
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
widget.vupler.dev/ 2 KB
1 KB 55ms
16ms Script
application/javascript 2606:4700:3030::ac43:d76d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.vupler.dev/widget.js
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/hf-conteudo/templates/the-big-news/js/custom.js?v1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d76d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c4d054589a260366bbf5bc4a7831fcdd8bb6e502cbc0b1249e81c2a5933c944

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5441
cf-polished: origSize=3546
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e861937b00004a9151277000000001
last-modified: Mon, 08 Jun 2020 20:47:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mmD14iUsrD0yGDWLsPWUcdSjwEHzdssCeuhLrBKgKvx%2FTVxSGY9jMMtjqn3REbzliP6lmthNdsqUY7jAGIPe%2FERClNJjkYelvrj%2Bh%2Fy%2BXXsCv50W2DnndzpGM1aICQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6320d1ff2d694a91-FRA
cf-bgj: minify

GET
H2 200 flags.png
www.redegalera.org/hf-conteudo/plugin/tradutor/images/ 54 KB
54 KB 661ms
660ms Image
image/png 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/plugin/tradutor/images/flags.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54996
cf-request-id: 08e861935b00002b4174a29000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mXpK0WDK1cTFk0BwfGgnaTXoHiVvHv%2BdZ2r5Fq2faBJp0JuROLY4BKyX4EvK%2FFpsXUHjRTRuYLDlVUWqhN7GeCmywLlqwmO4CQ%2F0K2KSZdEbPB%2Bc%2BMn7NtbzmcMuhtU%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d1fefc272b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2

200

282_434d46f88252e3987f3e24711df92efd.jpg
www.redegalera.org/hf-conteudo/uploads/posts/2021/03/
Redirect Chain

https://www.redegalera.org/imagens/200x200/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg
https://www.redegalera.org/hf-conteudo/uploads/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg

12 KB
12 KB

351ms
351ms

Image
image/jpeg

2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/hf-conteudo/uploads/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce8faa69de427ed971352ae5d26511e434736b8f53ee14bd540c7badb8bfb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11984
cf-request-id: 08e86195a700002b4174a53000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 15 Mar 2021 00:25:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BCFCoAnI2iMILTMXZff%2FIdjHSlqy4d3As4lRgNhlKbphW5EP2ECS%2FMBHGZqhrozUGoD77UmwcgGZ9gTR7HA4gBPGNo2XhY0HD2GEWIcyWwJDUSaoa9dZasNWO8CrR%2Bs%3D"}]}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6320d202aafe2b41-FRA
expires: Mon, 17 May 2021 19:20:47 GMT

Redirect headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86193aa00002b4162095000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FFO%2B%2BPDzA0sIVDgBtjIK%2B7yqriwiYYZZAPucc30k4d%2FGCTJ4gF2d5%2F922hPMrINRNwkgAFrRl%2F9i99XdQKVE5qpI7Xfh3T4Af%2FEBfeYJf8hUDkpoLWmHMrICb2R3yGI%3D"}]}
content-type: text/html; charset=UTF-8
location: ../../../../../hf-conteudo/uploads/posts/2021/03/282_434d46f88252e3987f3e24711df92efd.jpg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1ff7d252b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 281_d51e74cd-3687-484b-acef-20b12d406e67-jpeg.jpeg
www.redegalera.org/imagens/200x200/posts/2021/03/ 9 KB
9 KB 375ms
374ms Image
image/webp 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/imagens/200x200/posts/2021/03/281_d51e74cd-3687-484b-acef-20b12d406e67-jpeg.jpeg

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bc6e388e9de01f6c5fe55d3b6a4704b4347e4ba4324fb2d746e5834bccd8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
content-disposition: filename=281_d51e74cd-3687-484b-acef-20b12d406e67-jpeg.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86193aa00002b416c001000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
etag: bcbc36d31edbee44745ed4233684d21b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bVaTHS8fSc113TL0Gp%2Ff4JM%2ButjY8nDJSpEEkzKS1PqsRA%2BJLvuP3nxFxiAaMhtBn7Lnx%2BMGFUH7uCbAA7HJ8oLOSzLFgFGq%2F8waJ%2B9CmYdlDJ4mMcaZrbX1%2BFiQ%2BnM%3D"}]}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1ff7d262b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 280_f2ec6418-fbdd-4334-a603-04a49d7e1969-jpeg.jpeg
www.redegalera.org/imagens/200x200/posts/2021/03/ 8 KB
9 KB 394ms
393ms Image
image/webp 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/imagens/200x200/posts/2021/03/280_f2ec6418-fbdd-4334-a603-04a49d7e1969-jpeg.jpeg

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0cb6a961bf1409f2fcce8a5b7ead73037b84ddc3c7b2fe3a2d61a67aa3f160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
content-disposition: filename=280_f2ec6418-fbdd-4334-a603-04a49d7e1969-jpeg.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86193aa00002b41470c7000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
etag: bcbc36d31edbee44745ed4233684d21b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CDzSpGPxDh2et9Cyf59KpzTeAZVUm91T%2BzXYEGxP61zVCYrQILYCdqt%2B%2Bq0dWoBgSwbqYcCACD9Y%2Fec%2FNDFO3A0gJtgs5PWzbC1%2FvvC4v6H%2BzwMadPL2pDhr45vsxP0%3D"}]}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1ff7d282b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 278_28dca909e358973d0a10379ff0745387.jpg
www.redegalera.org/imagens/200x200/posts/2021/03/ 6 KB
6 KB 380ms
379ms Image
image/webp 2606:4700:3034::6815:4e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redegalera.org/imagens/200x200/posts/2021/03/278_28dca909e358973d0a10379ff0745387.jpg

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ac19dc286302c1078924f5db77da7b5451fb4c17dda7e657747d39976ec7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
content-disposition: filename=278_28dca909e358973d0a10379ff0745387.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e86193ab00002b4104362000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 15:06:03 GMT
server: cloudflare
etag: bcbc36d31edbee44745ed4233684d21b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M73wePHHImmW2rN8%2FofHQnGqafj2JsUEKYI%2BN4PJnP3Lu7Lvv7sQi6mQgYohGQ1yvJXJIichLA5LASpOS3i89WIE8kSAt7%2BT%2FrM8Nq39opS%2Behysx2LOxkfILnx4gqI%3D"}]}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6320d1ff7d292b41-FRA
expires: Mon, 17 May 2021 19:20:46 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 14ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2090
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 18 Mar 2021 19:45:57 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2247
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 18 Mar 2021 19:43:20 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 79C1 400 B
664 B 11ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3881d6f387b8%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&layout=button&locale=en_US&sdk=joey&share=true&size=large&width=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: c+aIcc15GZmo1JRgU9/Lz7l96oai54NoQuCUg7ZiTc37ah0Bd83ozsb8O1zmrIYrIkGgVkT3s8qo80lnBK6i3g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 09 Mar 2021 07:28:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 07:28:00 GMT

GET
H2 200 fcAKwzhlut7.js Show response
www.facebook.com/rsrc.php/v3iEpO4/y_/l/en_US/ Frame 79C1 479 KB
124 KB 7ms
6ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/y_/l/en_US/fcAKwzhlut7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a51823cc56dd119006d6134366000ccb1b31bcdb1102bd2987b7c04f923ce40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Og6QMkDigMZgtmPC30gmHmACZ83Uw+sgJcoRn7n1SAdUKy+N80H2hmU+WL5jX6Bx+MebcCzQxhuXfaybMP0JoA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VIr6ZnH1EP4Xw//BObsXkQ==
date: Tue, 16 Mar 2021 14:20:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126244
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 14:20:58 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
90 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3350
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 18:24:57 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 79C1 67 B
231 B 36ms
33ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616095247283&t_start=1616095247283&t_domcontent=1616095247308&t_layout=1616095247327&t_onload=1616095247327&t_paint=1616095247327&t_creport=1616095247327&t_tti=1616095247308&lid=6941076235174620297-0

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 750te0M3ZBZHoHchaf8r0v3syeRFfbrnm9lKGSo8cVaB8VypvNraD6NUjpUlSSSrFrxaqQZvHlXEsfP8D4is2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Mar 2021 19:20:47 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rQIHgaDP8L9.css
www.facebook.com/rsrc.php/v3/y8/l/0,cross/ Frame 133D 2 KB
890 B 9ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y8/l/0,cross/rQIHgaDP8L9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=592331141415391&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13d469fa8a6128%26domain%3Dwww.redegalera.org%26origin%3Dhttps%253A%252F%252Fwww.redegalera.org%252Ff25c0fc15816764%26relation%3Dparent.parent&container_width=810&height=100&href=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Fnoticia.html&locale=en_US&numposts=10&order_by=reverse_time&sdk=joey&version=v8.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2372493f5d99b51bf4e80376cf178e530bfac2e611cad5288b15fc2ebc661f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZN7eGOe/5SK/iRBaeX4u/RdF3oTtyk8eDD58rHXLOugh8mfpKAGUseQZQslLm5DwSUhqzPdJSO+BFaL9oOzcpA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: aCa8XvF0c5gtKH9qJL/LNw==
date: Wed, 17 Mar 2021 19:26:07 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 661
x-fb-rlafr: 0
expires: Thu, 17 Mar 2022 19:26:07 GMT

GET
H2 200 8SUSDv1G3Bx.css
www.facebook.com/rsrc.php/v3/yO/l/0,cross/ Frame 133D 128 KB
21 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yO/l/0,cross/8SUSDv1G3Bx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48fc94dab88b6d68c431d208d0ed0b65605781e8d7613f2a638e0de96c54cc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ArJVktOAypVJqKJ1ZI2bm5KYtLMd2ESn/6XB8HEuKE+hwIgKlWOJ849DaFAjr9qX9gy59Uc7jPEAfcqgRwanFA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: PW9gi4Kn8OirhVz5hl4DFw==
date: Sun, 14 Mar 2021 18:51:53 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20964
x-fb-rlafr: 0
expires: Mon, 14 Mar 2022 18:51:53 GMT

GET
H2 200 COFZ7ITuwSz.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 133D 268 KB
71 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RdaRlLRvra/nUVf/g2gp9w==
cross-origin-resource-policy: cross-origin
content-length: 72280
x-fb-rlafr: 0
x-fb-debug: Cp6OrbdnAVNBG7GrzwoOix/RlVo11Gh2zkZGTRTY07dWJqKeLSzYMEEszq6KaiMIaLL3YudhqDPgImyEV9RkEg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 03:17:45 GMT

GET
H2 200 FBJGIgt_yWB.js Show response
www.facebook.com/rsrc.php/v3i7M54/yv/l/en_US/ Frame 133D 165 KB
46 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7M54/yv/l/en_US/FBJGIgt_yWB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cedb3907578c701df3af4719fca3d463b317c193e493d1a292771ecc44322ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 08:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LU5kYAS2Sqgt468MgIYysA==
cross-origin-resource-policy: cross-origin
content-length: 46738
x-fb-rlafr: 0
x-fb-debug: RI0TQQ1UDX8mVmfvBjLY4VZN8722JFc5xmtgA6FMJkbnuY86igW+mm5cjpMz1K/PsyENXPs76JlQHRZp15F2iA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 08:54:01 GMT

GET
H2 200 AwPUSynXz9u.js Show response
www.facebook.com/rsrc.php/v3iAQZ4/y1/l/en_US/ Frame 133D 1 MB
347 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAQZ4/y1/l/en_US/AwPUSynXz9u.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b30a74a1e467003bb7f40f27975790a68bfd61c6c46965adf6e7fa9b4748610b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Bk0QCXtCM2bzaVT7EMGJ/w8QcDiEcsMGzDoxuEJmlGxSE1d950ZA2NQgfCdDy0Ju1s5cDRSdde2zvWzr7tAjag==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KLyBmawCCuOUzofXyl/9Jw==
date: Thu, 18 Mar 2021 11:04:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 355280
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 11:04:47 GMT

GET
H2 200 IMxfoCHjfjB.js Show response
www.facebook.com/rsrc.php/v3i8x54/y0/l/en_US/ Frame 133D 456 KB
94 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i8x54/y0/l/en_US/IMxfoCHjfjB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90a24e13f72d85b4bb81eb3ae60a241bce5ece63350c71678d61dba57a250f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IPFrka7Uh3y47uYJ8JKGFA==
cross-origin-resource-policy: cross-origin
content-length: 96263
x-fb-rlafr: 0
x-fb-debug: 1pTgucLPXu2zBZRhkXVkAYGSm3w/fdQ+KYksM2GJLhlA8u2qBfAy7xq/ItCdwJ3iDCZzx/dMCxuTaQ0wgvBJzA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Mar 2022 15:52:00 GMT

GET
H2 200 xaX-Qx4FA-N.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 133D 567 B
568 B 17ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/xaX-Qx4FA-N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90e018d85273826621a5c2d82c57cfa56c1472d4cfd4aed9b348b431d1fee02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: VIjlJE0SGZrWz74TmX6PwZ9HtfPPS0BifTk1TEVd2iUQWSdNLa7NK/Ud/xZn7oOg2vdoKCGKT04VJXTLmR0Fmg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 4RpOqSlNfWgOopOaeWrg0A==
date: Tue, 16 Mar 2021 23:53:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 353
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 23:53:01 GMT

GET
H2 200 5wx3YR_HPa_.js Show response
www.facebook.com/rsrc.php/v3/yZ/r/ Frame 133D 12 KB
4 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yZ/r/5wx3YR_HPa_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d125377b9638747a60df7807e01bd18d796677d2d005af1792616695d2c3eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vHWlLscgLta+IubwvzeCvA==
cross-origin-resource-policy: cross-origin
content-length: 4109
x-fb-rlafr: 0
x-fb-debug: Oq86Cb5FUtBPXujYIASRO74JMRYuFnkq2WoLzcMD0RRxZ/h622aPHRpKGab5mDr10gwfZVtFPXjsjVa/8uT15A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 21:16:24 GMT

GET
H2 200 5VR2dH_XHWT.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 133D 26 KB
8 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/5VR2dH_XHWT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: m2obDAztB1plLd2xiIJfWy5nl0XG0nKsNKBnOvHxtkB2tPasQmgALttQ5ZvF9k92zQxFJA6xflVWod9Bz/H2bQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KGnC4WKDmGEmi5eIigLTgQ==
date: Mon, 15 Mar 2021 08:05:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8294
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 08:05:18 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame ED1E 185 KB
53 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame ED1E 12 KB
5 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame ED1E 87 KB
27 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame ED1E 70 KB
16 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 288082
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16397
x-xss-protection: 0
server: sffe
date: Mon, 15 Mar 2021 11:19:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2ccf127281514232"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 11:19:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame ED1E 3 KB
1 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame ED1E 40 KB
13 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame ED1E 3 KB
980 B 46ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700,600

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50ae8c1c46efcb45faec29e700ee3c2ee9b709308d752e1e3992664a4d4b3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:38:08 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:47 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED1E 3 KB
3 KB 40ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 19:41:52 GMT
x-content-type-options: nosniff
server: cafe
age: 85135
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:41:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED1E 344 B
811 B 39ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 36925
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 19 Mar 2021 09:05:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ED1E 0
0 25ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOtbXGIQYKPxYByeLXz8PE_6e5QQ4ejdzyLHttMiejs6ULELN323LJdNXQemubLSrYrB414rsYhj0XYsJrXdyI5rqrFw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED1E 0
53 B 48ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClBpMDqhTYMKGONWmlgTvgqGAApeevKpbr-itjIYN4d2Po4wZEAEgu4ORK2CViriCyAegAe-89NIDyAEJqQJLKO5rCx6FPqgDAcgDCKoEhAJP0BlH46hbuyM3Ywj5t1-ab1HjwsHI8ekLBRyzj3OpwhdRVfDS6dJ9PUifzz1-OGQat2UpmfBjYB8ifD2t85rSjjMswSTQX7WtSF-0K6VznKKt9sf5830WFw7Rs9Ob08Cxb0sZGzQlcTDUwBIRwu9kpaE2IwMsxOclpE9BjAlyLHOGZi_-SfvMY820ikkmhhXdDZ6DmmEDrUCrDichaC5MoyN3GDJ_8qd6FLH_9zUgv3GtkVR76QnHxBgJeu4kmQ9PbEAt8Dqcwys0ivhGKr_cKXdJnYXFcyFjoupgyN-4EY3utfE7F9Lr6iSom4AvvuXBV_fJyTMQbM_0aioibldUvQLIYsAEuuPivtwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_nCiy2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQw_sR0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTg0NjYzNjc2OTExMDE3OTM&sigh=-KAmAgNqn74&template_id=419&tpd=AGWhJmv-NVuNrd0FQjWg4xj-wPCHrQSLjm8s13dyengxw7DDmg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 19:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 c3eb3f973fd9ed662d6e24489a7213de.jpg
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame ED1E 33 KB
33 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/c3eb3f973fd9ed662d6e24489a7213de.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f77c506117eb0b3c58fa706a8a5d9bf633d39cea7df1ee347b9e9ef677fe6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:44:59 GMT
x-content-type-options: nosniff
age: 74148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34057
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:44:59 GMT

GET
H2 200 0a440cd95cb6b7ba790b5766d5788bed.png
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame ED1E 4 KB
4 KB 46ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/0a440cd95cb6b7ba790b5766d5788bed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d059b661cdfe21221db0f387ae89fd1bbef1bd22f52690c925b5b1995cd6053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 12:05:24 GMT
x-content-type-options: nosniff
age: 544523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3958
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 12:05:24 GMT

GET
H2 200 account_0914e7d4b2564_poptin_deb620114e4cf_2021-03-07_13-50-54_version_2.html Show response
d3lopmpcew67el.cloudfront.net/client_6b41405704d27/ 134 KB
94 KB 631ms
592ms XHR
text/html 2600:9000:211e:1400:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_6b41405704d27/account_0914e7d4b2564_poptin_deb620114e4cf_2021-03-07_13-50-54_version_2.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1400:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba039a84fd38c58124bbe37f6b5f3fda2a8b042cbfdf18af5327dd884095052

Request headers

Accept: */*
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: G9G7kN8o90YsoJKDZdmLYdkBtsuA8jsS
content-encoding: gzip
last-modified: Sun, 07 Mar 2021 12:15:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"5e71befa5331b0593137846b3c6490ac"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
date: Thu, 18 Mar 2021 19:20:48 GMT
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 0kwJ-406ZRmErv4fZ3J2a_dMhyNPI9cjxTyaj14-QceVzBQxNhN4zQ==
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)

GET
H2 200 heb-fonts.min.css
cdn.popt.in/css/ 22 KB
3 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/heb-fonts.min.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 100660
x-cache: Hit from cloudfront
content-type: text/css
content-encoding: br
cf-request-id: 08e861945000000eabd1b7b000000001
last-modified: Wed, 12 Sep 2018 18:05:20 GMT
server: cloudflare
etag: W/"fb58ef8ec15444a0d0cf977973d4f824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5O9INS6z19mHNrsTzL9U9eEGGiMEW%2Fj0s1WesO3yM%2BlIqXr0gf25PixmRL3fDriOGnzcNOc4v44uJ94xubal3IBrFOc1hx%2BwQHSas4TRur7KwFbCjclqwg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: qXd_m_chdhWvR5DNrvI834tklGtnWkb9
cache-control: public, max-age=30672000
x-amz-cf-pop: TXL52-C1
cf-ray: 6320d2008f940eab-FRA
x-amz-cf-id: FzZaQXLPf4Sxp1Qemq9qs50d7Mrk1zOBCsdmgW8BTfTguS_8PnEDtg==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 20ms
19ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6635
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 08e861945100004e2b4ea6f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=raP3DE%2FcNtzziRg9lKAEG4mz%2BCGT4Hr9xp0MJi8yCm27kaGk2eP%2FrwBGuIhdKID7z%2B0FaPiNuON6mX%2FbMwAy%2FhSIktMqiUpGzKvirsjaEIAgmLN5Jc5PIY3E%2BmueSn%2B87Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d20089c84e2b-FRA
expires: Tue, 08 Mar 2022 19:20:47 GMT

GET
H2 200 poptin-style-en.css
cdn.popt.in/css/ 24 KB
5 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21ad78a68c28b5370b87202c919bea1d5c48fdb3494d76ef722fbc19b032694

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
via: 1.1 46d8c022a630614463bdb0576f6829a9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7035
x-cache: Hit from cloudfront
content-type: text/css
content-encoding: br
cf-request-id: 08e861945300000eabe988f000000001
last-modified: Wed, 17 Mar 2021 07:42:02 GMT
server: cloudflare
etag: W/"15480665af5844ff2de5d065e2381d24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B8NH7puUVPlRI2n%2FWuQmzAHUD7aRKENTVe04lXCei5eAUq6HMqzLIEIR8WIBpAWpsAALDJ%2FQyAiC5YWCSs3CAG3SI3RLuUAX6suwiqCdlIwcx4xCscGZFQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: ymxd8wz5Uk79GrzKpzlqPYjjnZy9wL60
cache-control: max-age=1800
x-amz-cf-pop: TXL52-C1
cf-ray: 6320d2008f950eab-FRA
x-amz-cf-id: PyzrNffZkp4NYwAK0you_geFyD22aixOlgMgSwq-qJEiVXpkN9zGbw==

GET
H2 200 poptin-animations.css
cdn.popt.in/css/ 21 KB
2 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e466e2d763bf266d822546b85b19145fc9e701777ba3e7f4c41881b488262726

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
via: 1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7047
x-cache: Hit from cloudfront
content-type: text/css
content-encoding: br
cf-request-id: 08e861946700000eab9297b000000001
last-modified: Tue, 16 Mar 2021 17:05:15 GMT
server: cloudflare
etag: W/"79597218b7a508baaa89895c67a47a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7cxThBPM%2BfpYtT%2FoWOgh4kYlQbpmvUMiO7CGeQcJ1tILLNNEagfBp9kZItCVFDpPTGcBzaUAbjz3CnmGOpJAcP8KjGUJF%2FSP%2FvJzTgEsKigE2PPpYKhqmw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: N7ImLB4fZrYZHWMKbnCuscM7C2rXB85z
cache-control: max-age=1800
x-amz-cf-pop: TXL52-C1
cf-ray: 6320d200afcd0eab-FRA
x-amz-cf-id: p4j3GNC_UH-G3YXz6AC9qF1ax0DNv9ot4ElZNBgaHNwEXHc3OduPPQ==

GET
DATA 200
OK truncated
/ Frame ED1E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 933f31b2690df4b912b6b3241405bf5241061055ddd264b69bd60ba1a01ffbba

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
904 B 35ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:04:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 260202
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Tue, 15 Mar 2022 19:04:05 GMT

GET
H3-Q050 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 34ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:42:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 77903
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:42:24 GMT

GET
H2 200 UsNrl8Qr1jX.js Show response
www.facebook.com/rsrc.php/v3iPwL4/yG/l/en_US/ Frame 133D 28 KB
9 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iPwL4/yG/l/en_US/UsNrl8Qr1jX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec9854c13dcfe382d5bfec2cffc993e76957715ebca2da182ff40f48f3b66e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: m95b5U9zQgR90FB3ZkSnIt4+p0j31ZVKKjo4G+/r05ElGnrsfLQjfsTUmLtm3YGVPrkZtbNMu6v05ZIn7S1PGw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3U3idDcrDIUW62LZnYvQfA==
date: Mon, 15 Mar 2021 21:43:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8509
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 21:43:43 GMT

GET
H2 200 s17qko6Uo5s.js Show response
www.facebook.com/rsrc.php/v3/yn/r/ Frame 133D 5 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yn/r/s17qko6Uo5s.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a5960619ba84379c92016b42ae5a86d5d6602c27e72ffd80ad1ad1bea59b5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: T/PTSUBhY6wxWyvyBfhX/w==
cross-origin-resource-policy: cross-origin
content-length: 2187
x-fb-rlafr: 0
x-fb-debug: ZV8sEnG+kJr/ZpokHUslc4TGNETU/cbPECIG8Cx98m1si3oVcM11PGh3RMEQEllYmpYo/H5ouVDGlohb8Goa/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 23:06:08 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
22ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2632355
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08e861950100002c2a7a12c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AnfhBzRNcughYtKAgH3IqOwYIimc1FfncQoUKNi%2BNiwLo6IIbrUjFNRz3tYZK23nHukO23beHu01iAhLOxe%2FLKJBetJmuS56L4jhWcSr5PJlbVe1zEWoMrUptps6ryFKRg%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6320d2019c392c2a-FRA
expires: Tue, 08 Mar 2022 19:20:47 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:03:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 15458
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Fri, 18 Mar 2022 15:03:09 GMT

GET
H3-Q050 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/css/heb-fonts.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:30:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
age: 262196
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15572
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:30:51 GMT

GET
H3-Q050 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ Frame ED1E 46 KB
46 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:26:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 262437
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:26:50 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012101070013000/ 20 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308129
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7295
x-xss-protection: 0
server: sffe
date: Mon, 15 Mar 2021 05:45:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6fcef8ec3898355"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 05:45:18 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED1E 3 KB
3 KB 11ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 19:41:52 GMT
x-content-type-options: nosniff
server: cafe
age: 85135
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:41:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED1E 344 B
402 B 10ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 36925
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 19 Mar 2021 09:05:22 GMT

GET
H2 200 c3eb3f973fd9ed662d6e24489a7213de.jpg
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame ED1E 33 KB
33 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/c3eb3f973fd9ed662d6e24489a7213de.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f77c506117eb0b3c58fa706a8a5d9bf633d39cea7df1ee347b9e9ef677fe6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:44:59 GMT
x-content-type-options: nosniff
age: 74148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34057
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:44:59 GMT

GET
H2 200 0a440cd95cb6b7ba790b5766d5788bed.png
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame ED1E 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/0a440cd95cb6b7ba790b5766d5788bed.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d059b661cdfe21221db0f387ae89fd1bbef1bd22f52690c925b5b1995cd6053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 12:05:24 GMT
x-content-type-options: nosniff
age: 544523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3958
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 12:05:24 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 03EC 185 KB
53 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/ Frame 308C 82 KB
30 KB 36ms
22ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67202d68095e4bb3c52b8d313cdcacf224ddb320327b274b0cfb90c7e7e02638

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7881690677737347102/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 17 Mar 2021 23:06:36 GMT
expires: Thu, 17 Mar 2022 23:06:36 GMT
last-modified: Thu, 28 Jan 2021 14:57:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 28927
age: 72851
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 428E 0
0 41ms
40ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsECTDqhTYKLFPIyzlgSd5IzYArikz8RfjJnfgZ8Nl7vk5PcXEAEgu4ORK2CViriCyAegAfjE3-EDyAEJqQKzlX2cHgO0PqgDAcgDSKoEkAJP0AfmFg7KIHEyuvKZ4wKvkE9hg33k4oUS74taENaE2m79IGscGiWwqRSDTmASw8GceL-aBJ70cYFjbnXiDE6WH7lKigil2rDgemsWP5pXCzfY-rjz6as94dDVdg2VoK9h8BbSZjAN_Sxy_2Up8EdY9HObj0bB13Of4KKHNu7g5OILDv67dQMtvtLajXNODNPEWAtXMlt3gvlrgilPwo25liP7WR4waPS4buQEZTUhvXsH6oISOJYcDvtJ8RdusAcW3c1jk-qAsmnFEfLTeXH1AlvmOiQV4QZ1eS-ynW4idx5ScHOa2x4zjRG-mYdBZbGOtQzO80JoZR4ZoEzoKM5duT2XHHkdy7UsYWMFRqRe18AEkLamyx2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH8LqgHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCxsSrSCAkIgOGAEBABGB-ACgHICwHYEw2YFgGyFxoKGAgAEhRwdWItODQ2NjM2NzY5MTEwMTc5Mw&sigh=0cTjJil63Xc&template_id=419&tpd=AGWhJmv8GJtlDO2-mPgMoRNL0RVvtwlB9guF1WQnU2dNDozh4w

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 19:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 428E 17 KB
7 KB 37ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:19:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 428E 2 KB
1 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:20:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 428E 117 KB
36 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 428E 13 KB
6 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:16:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 428E 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVx8utYWR8NoY5Cjt8s0sj1HYltC-ssgsn_bKxByOits9THuyQihgR9ZNMjwOJz9TCJ9L_lqE0KpU6lbFiOT_TGsjgeg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 10S8fVwNKKA.png
www.facebook.com/rsrc.php/v3/yI/r/ Frame 133D 52 KB
52 KB 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yI/r/10S8fVwNKKA.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/l/0,cross/8SUSDv1G3Bx.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: v1iiuvCVOeDNhibvYvJRUuP84BnCAuMslvIljVLAqrlLBAgyTggg9SGR/8LREXOmKgNzj9ujUDwVG6cVopwykw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: V5SyOHpIwnhDdkJPL2vc+A==
date: Wed, 17 Mar 2021 14:13:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 53301
x-fb-rlafr: 0
expires: Thu, 17 Mar 2022 14:13:56 GMT

GET
H2 200 odA9sNLrE86.jpg
www.facebook.com/rsrc.php/v1/yi/r/ Frame 133D 1 KB
1 KB 6ms
5ms Image
image/jpeg 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 6DkqDP2zqGOffsnmB6qPMUyGezWv09HfVjXeWZ+ksMvKc8tabuOpwmhtkzJSkMlhYLgfrBmUoyyifik6uMpHBQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
date: Tue, 09 Mar 2021 07:09:06 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 1131
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 07:09:06 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 03EC 12 KB
4 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113451
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 03EC 87 KB
27 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 03EC 70 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 288083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16397
x-xss-protection: 0
server: sffe
date: Mon, 15 Mar 2021 11:19:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2ccf127281514232"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 11:19:25 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 03EC 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 03EC 40 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 03EC 3 KB
638 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50ae8c1c46efcb45faec29e700ee3c2ee9b709308d752e1e3992664a4d4b3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 17:57:18 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:48 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03EC 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 19:41:52 GMT
x-content-type-options: nosniff
server: cafe
age: 85136
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:41:52 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03EC 344 B
621 B 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 36926
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 19 Mar 2021 09:05:22 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 03EC 0
0 44ms
27ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsuFLOQ7ZRPtorcCBEwvzmH0oZW2Tt552XWKX_bTGJoBsiLBZQz5AnqGZyLEVbhM3ctX8Frhks3sMRlB52oMOAiLSYkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 03EC 0
595 B 43ms
42ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C929cDqhTYOerO9WmlgTvgqGAApeevKpbr-itjIYN4d2Po4wZEAEgu4ORK2CViriCyAegAe-89NIDyAEJqQJLKO5rCx6FPqgDAcgDCKoEigJP0OlU11DgOq-42EdHAFTCFl1ICdaBqXIjxbjFp33rogvc7hqWwFSh707VyfVG_u7_DylZs367ntRT_eqLKs7hsfkETR1cgTjOFWBU_TzYTh4WpcsM1HhmDb2aHfOUVPw9UjNXFJ2vZk6yqqA6bSEn5aBgUboj9qHeE4hxf86XW1_RYJD4oJw92idvUKPDpEmA3yeP3wr7zEyPRuF8XEXN-MmaTSfAfyIFLpOBvH-vsQwtd1zvl3uk-lsXK0wjZnoeABXdyI5DH42TFFFVbscw1fvMrTIwyBnOZdCTsie7qXDVcpHuME_4atNe4IZsGla-G8FOcsu50iQvzJGe9FxuakXkIzOUQo4k3cAEuuPivtwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_nCiy2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQgPkG0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTg0NjYzNjc2OTExMDE3OTM&sigh=XE3aZilaUQo&template_id=419&tpd=AGWhJmsWK7GWztBn8kHUb1XURie4aCzSIQCSxPpymbj4TT8r7g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 19:20:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:48 GMT

GET
H3-Q050 200 c3eb3f973fd9ed662d6e24489a7213de.jpg
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame 03EC 33 KB
33 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/c3eb3f973fd9ed662d6e24489a7213de.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f77c506117eb0b3c58fa706a8a5d9bf633d39cea7df1ee347b9e9ef677fe6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:44:59 GMT
x-content-type-options: nosniff
age: 74149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34057
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:44:59 GMT

GET
H3-Q050 200 0a440cd95cb6b7ba790b5766d5788bed.png
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame 03EC 4 KB
4 KB 13ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/0a440cd95cb6b7ba790b5766d5788bed.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d059b661cdfe21221db0f387ae89fd1bbef1bd22f52690c925b5b1995cd6053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 12:05:24 GMT
x-content-type-options: nosniff
age: 544524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3958
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 12:05:24 GMT

GET
DATA 200
OK truncated
/ Frame 03EC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d27a8cd76006d35f661530aee889349e14b95cd668082190f9a34463b0f5680f

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 l Show response
translate.googleapis.com/translate_a/ Frame 92EE 3 KB
1 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tepMfD4N85w1snk33YqQpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-tepMfD4N85w1snk33YqQpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 0B01 3 KB
1 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WC6mGD/DNjv6xOC4OQftYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-WC6mGD/DNjv6xOC4OQftYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/ Frame E292 66 KB
41 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99a30008bc08af84e9ad40cfd209d00a8ddbfefd25f729067e3aa2c9da300c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 15 Mar 2021 12:22:20 GMT
expires: Tue, 15 Mar 2022 12:22:20 GMT
last-modified: Wed, 10 Mar 2021 15:03:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 40864
age: 284308
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 77B1 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFl7lDqhTYPXzMsfBbt-PrbgHgNHB7WHR_c33wA2OpPKM0wcQASC7g5ErYJWKuILIB6AB8J268gPIAQmpApC8EHHY_rM-qAMByANIqgSEAk_QKzO_kjHqP9gCSMpo0VI08QEnBobY66MxTAcOIHUSCeADoD4yVyN7drWuPAsmKOtiyr8DKxS2Oxs8YJzu5SzDXfhnRDFPT2W5Vhe02xPQ7M1AtGWpMReFalRGIDcwpNVKfJ1fNCFkowBaW0TfQ1jN5BPjGTQVy3rMqBQOMjl6Qp1gbYYJKZxJx8tQbFRVWk0hwIGGZuAcKnvAjKnAWJ99xlng5Tmf0HND3HKRrlYvRMrAGtjArThQRk9qySWP3FPI8kriq2eM7r4gqcvsCta4JcGn8hxf_wKmHWkQQdAMTrJb_z7mwZ7demKPmrKws4dTecOkMmERyJrRqS1CGJjHZyVWwAS2hdfveJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf44cUNqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENCaGdIICQiA4YAQEAEYH4AKAcgLAdgTArIXGgoYCAASFHB1Yi04NDY2MzY3NjkxMTAxNzkz&sigh=XIuNjJr0Z2Q&template_id=419&tpd=AGWhJmtYiYaMnDLnu58H0RfGgXcwuD2PAujugtLGoBrtDbniog

Requested by

Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 19:20:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 77B1 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:19:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 77B1 2 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:20:10 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77B1 117 KB
36 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:48 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 77B1 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:16:52 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ Frame 03EC 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:26:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 262438
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:26:50 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CA6 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmnFIXzTd-7atrxn-KD1PjRQxJfkyotjERVL2wCWRxgVUFdkA1xCMX30lsmoP8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=300&slotname=9504853105&adk=1123607245&adf=1430760577&pi=t.ma~as.9504853105&w=300&lmt=1616089419&psa=0&format=300x300&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246961&bpp=1&bdt=775&idt=2&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1070&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=KbNwJab9nV&p=https%3A//www.redegalera.org&dtd=5

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Mar 2021 18:41:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2363
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 428E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21de2a5bfcfa1689d48625c70510db2b51bcdd83a843d275155206c2cd0aebe6

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 428E 0
446 B 58ms
40ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKE-_jHuu8CFYyZhQodHTIDKw&gqi=DqhTYJjHO5HNbZj-iqAP&layout=/sadbundle/%24csp%253Der3%24/7881690677737347102/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 credit-new.png
app.popt.in/css/images/ 6 KB
6 KB 25ms
15ms Image
image/png 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.popt.in/css/images/credit-new.png
Requested by: Host: www.redegalera.org
URL: https://www.redegalera.org/noticia/44/locaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:48 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 15:18:58 GMT
server: cloudflare
age: 7008
etag: "1753-5bdbd0079bc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mHNQJIxh0Yg4RhBIqCxi8Cs5w%2Farl2gDiAbPMBx1YvZ%2BwM0GYCnphxbz19OxbT9HqOvss6QzSlSdlYSUQ8n4ITIqwOOxmNU6iOURr4v05V3rgSKPKa2uQQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 6320d205d89d0eab-FRA
content-length: 5971
cf-request-id: 08e86197a900000eab7c128000000001

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1b28d9f956d1bde7655b0a1b8b1c59866f03cccd095e054f7016b5aea17e307

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6548 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmnFIXzTd-7atrxn-KD1PjRQxJfkyotjERVL2wCWRxgVUFdkA1xCMX30lsmoP8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=6325200233&adk=263543504&adf=3017757116&pi=t.ma~as.6325200233&w=700&lmt=1616089419&psa=0&format=700x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246725&bpp=86&bdt=539&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=odPpqapE0g&p=https%3A//www.redegalera.org&dtd=92

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Mar 2021 18:41:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2363
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 77B1 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03643a3ee2add1cb1b6a8ba8d8580e64c4184663cabf8ce2277ae41185c336e2

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 308C 9 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 308C 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:41:54 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 308C 57 KB
23 KB 175ms
15ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Mar 2021 19:20:48 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 77B1 0
111 B 43ms
43ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWy8fjHuu8CFcegGwod30cLdw&gqi=DqhTYLa7MoexlgT2zLXAAg&layout=/sadbundle/%24csp%253Der3%24/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03EC 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 19:41:52 GMT
x-content-type-options: nosniff
server: cafe
age: 85136
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:41:52 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03EC 344 B
439 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 36926
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 19 Mar 2021 09:05:22 GMT

GET
H3-Q050 200 c3eb3f973fd9ed662d6e24489a7213de.jpg
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame 03EC 33 KB
33 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/c3eb3f973fd9ed662d6e24489a7213de.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f77c506117eb0b3c58fa706a8a5d9bf633d39cea7df1ee347b9e9ef677fe6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:44:59 GMT
x-content-type-options: nosniff
age: 74149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34057
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:44:59 GMT

GET
H3-Q050 200 0a440cd95cb6b7ba790b5766d5788bed.png
tpc.googlesyndication.com/sadbundle/9644266094761958093/media/ Frame 03EC 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9644266094761958093/media/0a440cd95cb6b7ba790b5766d5788bed.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d059b661cdfe21221db0f387ae89fd1bbef1bd22f52690c925b5b1995cd6053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 12:05:24 GMT
x-content-type-options: nosniff
age: 544524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3958
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 12:05:24 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E292 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E292 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/ Frame E292 1 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 284303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 15:03:20 GMT
server: sffe
date: Mon, 15 Mar 2021 12:22:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 12:22:25 GMT

GET
H3-Q050 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/ Frame E292 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403ce493ecf2931dd201da704c4d572575f55d2d46b8e9eb21aeeb3efc93e698

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 284303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18271
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 15:03:20 GMT
server: sffe
date: Mon, 15 Mar 2021 12:22:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 12:22:25 GMT

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/ Frame E292 34 KB
34 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32f380f75a96ef2fea37bcb46f1ae687cf395773dfdad0793daaf4011d372de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 284303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34572
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 15:03:20 GMT
server: sffe
date: Mon, 15 Mar 2021 12:22:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 12:22:25 GMT

GET
H3-Q050 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/ Frame E292 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6480518054645747810/nt_s21-DE_728x90_nokian-wetproof-suv/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 284303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 15:03:20 GMT
server: sffe
date: Mon, 15 Mar 2021 12:22:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 12:22:25 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CA6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

39ms
39ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmnFIXzTd-7atrxn-KD1PjRQxJfkyotjERVL2wCWRxgVUFdkA1xCMX30lsmoP8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 19:20:48 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 18-Mar-2021 20:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 19:20:48 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E292 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-Q050 200 d8a3820f96e194b41285da365d0cb771.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/ Frame 308C 18 KB
18 KB 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/d8a3820f96e194b41285da365d0cb771.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51dffe88d974284d6ee18f7bbb8bf5f887e61356239d38386a59832c62866a1e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 591470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18774
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 14:57:17 GMT
server: sffe
date: Thu, 11 Mar 2021 23:02:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 23:02:58 GMT

GET
H3-Q050 200 imagesaplhawhzehofdzrmqwcn.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/ Frame 308C 6 KB
6 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/imagesaplhawhzehofdzrmqwcn.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7881690677737347102/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05083170677c179429860e84780a7a06be31d86053e0e672266044614353c8b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 504862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6154
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 14:57:17 GMT
server: sffe
date: Fri, 12 Mar 2021 23:06:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 23:06:26 GMT

GET
DATA 200
OK truncated
/ Frame 308C 5 KB
5 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4977e75d378b00cb3cb8e0be0e239d35a67d32d57ea03d0767dcd0bfb4a89000

Request headers

Origin: null
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 308C 23 KB
23 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7738bf202b84a7e2e379f9d6b0b9c80092289bfdc74c69dcc630f77d977af898

Request headers

Origin: null
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 308C 23 KB
23 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcb3c058ae3f7109b929b82c11ed43e59669bcad9b2eeadce56290ebb203b16

Request headers

Origin: null
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6548
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmnFIXzTd-7atrxn-KD1PjRQxJfkyotjERVL2wCWRxgVUFdkA1xCMX30lsmoP8; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 19:20:48 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 18-Mar-2021 20:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 19:20:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 19:20:48 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 308C 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 35219
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:33:49 GMT

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame E292 14 KB
6 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 35219
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:33:49 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66a6a71992bca8fbcea2ddcb7e0b88e5a59ff4b9b75b31465c6e9a1b4ee95d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6562
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 19:20:48 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B7CE 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.redegalera.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://www.redegalera.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 15:12:08 GMT
expires: Fri, 18 Mar 2022 15:12:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14921
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 428E 42 B
92 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoeE29lv4YjeqPhi7kiIK_5n3U__KGWOdR0-uopaaAHIH0kr3my7PZ1RKHgver-g_kikVSZ5GkVxbXt5JqvERmrFQ8YJOkneXGi924PEPRhk1ZK41KPHrEA4K5cbruHqI5PpUzEsjqL94VBDcAIcoF&sai=AMfl-YSXP5Do1QbTv213h2okJHDiwxIRbNMmt1kBMYALyDRK3fAk2Gn5Fh_SLL3Zg9MZwR7_4rsFDP3G6rjzlCAocLhm28BAGVfxQraM1D5NgdN6w1HrHT45LaX1u55o&sig=Cg0ArKJSzHGWDDJPeT1_EAE&cid=CAASF-RodtFMdjHHjCwshVjCgHL1uHOmkCfb&id=osdim&mcvt=1023&p=314,1070,564,1370&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1123607245&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616095246968&dlt=826&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame B7CE 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 35220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:33:49 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77B1 42 B
66 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQBLa21DnYeohsipGCr4VzOU9-RIEaJlB3X0H3AXKeCZdkxOhodp81QIbyOXUTBXj1321-nahxF34wl-FnWYAeYrQMaxFp8RBewjqiozTjyBkGpV8AjvXEX_dMaMf6uwGhPGNxHTVGf6URNEv1WSAA&sai=AMfl-YQcrWrFKsQYFVbTIxdoL_9m8PLvwQUwFmUJ599DqvDRi8l7yq7tXSnGUQS-WRy3mrHrz6jCe3wxpZksKJjsEfg2KlSjcKumFmwUpjvP2wOdnYcaxrAC-x5ExSym&sig=Cg0ArKJSzLk3AQzavXRWEAE&cid=CAASF-RokBOn7NbhrXgB8f8n87rh6euCWkGn&id=osdim&mcvt=1021&p=1117,270,1203.5625,970&mtos=0,1021,1021,1021,1021&tos=0,1021,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=2&adk=263543504&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616095246819&dlt=1225&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=485756719406184&bg=!p6SlpODNAAbUo7L91KM7ACkAdvg8WqZKhOu2cu_JJq0hYqzugidWdO1fciSZMRY0R9BKzDp2fMpaWAIAAAFBUgAAACBoAQcKADQLrKv9LAyR4drFqdvmD-wOj9K6IRoQvwPGgNPWG-tygLRGWyLNVHQ7X-tnMTboKRgIhtwTmQHaNsOceckvt1mzQ0MDezBjRzZV-wI-oqhneQWybYKAs_SKzTvuJmwC2mppGnHwxzvYFyVOMnOvltE5nKCF1tg-R-bAYxu_dBnJoxIabssnww6okZBOLGslCXC32zlgupJt03cSQgH3G10xIU4xTaaeYMBCOl8RdrZfFnz0zzPxRq9jHAR2O-wJD3aZn61PM0dHiBbHz9uBBpTpxxYetweHQTK9qfc58JjZ6PrUpLOvYLoiG_G9SSu7jq8FFZYkkI6u-p1dn08b0PAI3x6mUPFUTZGgwXy84AqtSGe4ZHAFO7Z63cXULHb5OmXuWOL6SlDJvgVy1JNs-B2tPCzLm6vspyCbc1CVNkZrwwh4LdLJvL0k-WyTN30810Yp9kjvE_NxXvF42jEhK_niObxAlhIah9PdGIJfT1xxtLcI84aIb_EyLQQGQOMGuOhWaYlORHH1BvuIGMurbRa2FoOiPoD2FHPtD_rZKLI4PWneql5Pk3ShlwXCvJ9yLaBawWiNbNNB3S_EaOTaB8nCi1NSEyWG4i792hgirlPEPUCX3hjoh0TytBnOrs4kmW3yXf0pHjZQcQYoeV8MqM575FRd1vgtKnpDPthgCkDFHDavSnFhF_jU3RM2qQg14DIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 19:20:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 credit-new.png
app.popt.in/css/images/ 6 KB
6 KB 13ms
13ms Image
image/png 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.popt.in/css/images/credit-new.png
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:53 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 15:18:58 GMT
server: cloudflare
age: 7013
etag: "1753-5bdbd0079bc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IayBWRsMuVWvGj5dyTMoye3xBa3zR0oRZKQOy4PF9vBNOzTGDPW6vNOCbH59sKTq2Xn1j5B4vtFCqzbgEOaL0RcAQmPQ4B9CIemaIs81g0e3NqU3ThCxoA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 6320d2253d3c0eab-FRA
content-length: 5971
cf-request-id: 08e861ab4300000eab8326a000000001

GET
DATA 200
OK truncated
/ 51 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c76adf18f714171bfa8540cd33abcaa364a2478f9c382abe80dc89c858cbae

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3-Q050 200 css
fonts.googleapis.com/ 1 KB
499 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 19:15:57 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:53 GMT

GET
H2 200 credit-new.png
app.popt.in/css/images/ 6 KB
6 KB 18ms
18ms Image
image/png 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.popt.in/css/images/credit-new.png
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:53 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 15:18:58 GMT
server: cloudflare
age: 7013
etag: "1753-5bdbd0079bc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n4UNAkTu3i9olGqOBDv05jc6yfNrGx%2FvBSZ86tHRAVKJRIxGq%2FinmvsJieYiMHl0RCmu3ybpw94fEooU7FxUt52qlDWYDvc0cOnaPkrCmT3q%2BqCI%2FNdqPQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 6320d2264f020eab-FRA
content-length: 5971
cf-request-id: 08e861abee00000eab8c933000000001

GET
H2 200 credit-new.png
app.popt.in/css/images/ 6 KB
6 KB 15ms
15ms Image
image/png 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.popt.in/css/images/credit-new.png
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:53 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 15:18:58 GMT
server: cloudflare
age: 7013
etag: "1753-5bdbd0079bc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IxGD2rXLho2ur%2F%2FkQkd7X8AV53oFlQmeOOJ1a8KaHaWnSL%2F6UTREP2EewW%2B3g8%2BlsWnnaPnT%2FKwe4v%2FJ2zWGKmoFVJ4ig4aT%2FQ8dUIxPwg0ff%2FQadjJm7w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 6320d2283a430eab-FRA
content-length: 5971
cf-request-id: 08e861ad2700000eab6e002000000001

GET
H3-Q050 200 css
fonts.googleapis.com/ 1 KB
453 B 58ms
58ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 17:58:49 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
544 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yeseva+One&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6c25db78afda8fe9e5c3795b87d6e28c335247fef158df6f96deb4d6bb3072e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:16:26 GMT
server: ESF
date: Thu, 18 Mar 2021 19:20:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 19:20:53 GMT

GET
H3-Q050 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:41:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 261577
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:41:16 GMT

GET
H2 200 deb620114e4cf Show response
display.popt.in/APIRequest/viewed/ 156 B
2 KB 281ms
280ms XHR
application/json 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/viewed/deb620114e4cf?viewer_id=6f30481da5db0&trigger=false&client_id=6b41405704d27&type=desktop

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67b6f842a294879882a1dd6843c2666b93489f162f7cfd3bcbdc2bc6d3e70abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08e861ad7000002c2a801e8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KvvPFqgVFzODHxHbkHZi2enRgHWnIyGHnelimsgJF%2FZ3TpMZlRZ2Fl6JRJrTMQWvMVrmb123EWCCktij843AgxQHfKFNNR9q2i6J9O%2FtJzUErzIINkI3XGJdm78%3D"}]}
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6320d228b8e22c2a-FRA
access-control-allow-headers: Origin, Content-Type

GET
H2 200 credit.png
cdn.popt.in/css/images/ 6 KB
6 KB 13ms
13ms Image
image/png 2606:4700:20::681a:11a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.popt.in/css/images/credit.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:20:53 GMT
via: 1.1 78aa4ecfac2dbbed080d75d85f660486.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6974
x-cache: Hit from cloudfront
content-type: image/png
content-length: 5971
cf-request-id: 08e861ad7000000eabc3238000000001
last-modified: Tue, 21 Jan 2020 15:12:54 GMT
server: cloudflare
etag: "94d2399c3e9c4e1cfc5531117719c855"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aHKmrQV2aqGEz2Kt7Jy8eFgv7W2OuhGgt16cZfxfNuu18%2FZo5mtoStdsgHQ9JrAkP6eftZWV3asXOueKQt%2B9NGsoTVDYidNAIKqMYzKJjf%2F6ytZvuetz8Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: l0Uvv74HeQaspf4QOWOAE210fxg9pNAK
cache-control: max-age=1800
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 6320d228bb330eab-FRA
x-amz-cf-id: Wr8t4nIHtty2yjt2EBIunPj_-OB3Q2sfg6MOyX-H35S7mZ-DNBa7ow==

GET
H3-Q050 200 OpNJno4ck8vc-xYpwWWxli1VWw.woff2
fonts.gstatic.com/s/yesevaone/v15/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yesevaone/v15/OpNJno4ck8vc-xYpwWWxli1VWw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yeseva+One&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8fa160cf16de5a4ff0ba1dab23df14735f27555ff8d9efb44baeb4dbeba8367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.redegalera.org
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:22:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:36 GMT
server: sffe
age: 82700
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16652
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:22:33 GMT

Verdicts & Comments Add Verdict or Comment

460 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:54:58	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:16:31	Name: IDE Value: AHWqTUmnFIXzTd-7atrxn-KD1PjRQxJfkyotjERVL2wCWRxgVUFdkA1xCMX30lsmoP8
.redegalera.org/	1970-01-19 17:38:07	Name: __cfduid Value: de17373716942fb28afdeea46af95c3951616095247

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.popt.in/pixel.js?id=6b41405704d27(Line 1) Message: runPoptinNow
console-api	log	URL: https://cdn.popt.in/pixel.js?id=6b41405704d27(Line 1) Message: initiatePullPoptinsRequest()
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3581323028&adk=4220078987&adf=1677769553&pi=t.ma~as.3581323028&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246888&bpp=1&bdt=702&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MAn1z6KeDC&p=https%3A//www.redegalera.org&dtd=7
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8466367691101793&output=html&h=90&slotname=3386167316&adk=1442770736&adf=69860189&pi=t.ma~as.3386167316&w=728&lmt=1616089419&psa=0&format=728x90&url=https%3A%2F%2Fwww.redegalera.org%2Fnoticia%2F44%2Flocaweb-compra-fintech-credisfera-por-rs-26-6-milhoes.html&flash=0&wgl=1&dt=1616095246939&bpp=12&bdt=753&idt=12&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff0bce3d75be643c-22aaf5cf22a700d7%3AT%3D1616095246%3ART%3D1616095246%3AS%3DALNI_MbsFE-U3MxP_iZvzQ4pjpmsG6JyuQ&prev_fmts=0x0%2C700x90%2C728x90&nras=1&correlator=934992807306&frm=20&pv=1&ga_vid=1326561772.1616095247&ga_sid=1616095247&ga_hid=2127002880&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=2394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066652%2C182982100%2C21068084%2C44739387&oid=3&pvsid=485756719406184&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iy9QpgJKjJ&p=https%3A//www.redegalera.org&dtd=16

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
app.popt.in
cdn.ampproject.org
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
d3lopmpcew67el.cloudfront.net
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
press.hotfix.com.br
s0.2mdn.net
s3-us-west-2.amazonaws.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
unpkg.com
via.placeholder.com
widget.vupler.dev
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.redegalera.org
142.250.185.162
172.67.198.145
2600:9000:211e:1400:b:8c20:bf40:21
2606:4700:20::681a:11a
2606:4700:3030::ac43:d76d
2606:4700:3034::6815:4e4b
2606:4700::6810:125e
2606:4700::6810:7eaf
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
45.33.24.119
52.218.225.64
03643a3ee2add1cb1b6a8ba8d8580e64c4184663cabf8ce2277ae41185c336e2
05083170677c179429860e84780a7a06be31d86053e0e672266044614353c8b3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05d8a9a7af59277884fc49aa48d014a031a711355257fc0b45532103c4fd9cbc
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0b46a93dc35898f4c1cc854e393d5311f73794a39cd603b18ddd0d6e90182660
0d11fc704b16c31ab02b83bd65d85792c82df7332005596924f74017f780b1d3
0f27aa99970684e01cd59500c87377712f710b71ec163dbbcdc5956caebf9b42
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f77c506117eb0b3c58fa706a8a5d9bf633d39cea7df1ee347b9e9ef677fe6ed
107f0fd6ac399387e8aea9579582f4c45ed481230ed73600aa1d4d28ba19cf9b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a2d25532aed736eae26e4285fda25c3cd9c357d5a50410455fc51fd6fe6055
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1ce8faa69de427ed971352ae5d26511e434736b8f53ee14bd540c7badb8bfb40
1d125377b9638747a60df7807e01bd18d796677d2d005af1792616695d2c3eda
1d9cd4531140833610eb82e4b87d7935ea80c53fdfc608eb9f07b9325a8aa5ce
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
21de2a5bfcfa1689d48625c70510db2b51bcdd83a843d275155206c2cd0aebe6
22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d
2372493f5d99b51bf4e80376cf178e530bfac2e611cad5288b15fc2ebc661f13
260faa7a47e14be75c8b3d39b9f615597ca6aa1b15ba9db1b9fbd0a79bc64864
270d7e85127689d560dd0c1f08f9ac29ab25a84dba86f82dba6c3cdb66f923fa
27d6f6485c7e1827d2c2336123eb4d7ac1107e89f0530c41c385ef3be3dd1186
28ac19dc286302c1078924f5db77da7b5451fb4c17dda7e657747d39976ec7cb
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
2c4d054589a260366bbf5bc4a7831fcdd8bb6e502cbc0b1249e81c2a5933c944
384bdf0c1426cda748e8d1c63fef8d82b6212c3c6c42f8ae7c2102fe2a554812
38bb04b5ac1c3090974efb006bc661a4dd7fdf84a35efcd24b5b5c6bf23ca869
3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152
3df3c09746aac355fa15bc52e27d5f9d94137c63abd037543c3d2ae2c0cddc64
3eb789fe0ca90a5881706984306d879a96af22b327ddb8dba3ccebc040a1f366
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
403ce493ecf2931dd201da704c4d572575f55d2d46b8e9eb21aeeb3efc93e698
41495884144d2fa3cb2912739e3fc01ac013b9fcc312c057db8559ed5b022f89
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
48ab9f9d2502291b7f25d7f4211ab4af56f0f5a73dc8c9f3b819553f661aa056
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48fc94dab88b6d68c431d208d0ed0b65605781e8d7613f2a638e0de96c54cc46
4977e75d378b00cb3cb8e0be0e239d35a67d32d57ea03d0767dcd0bfb4a89000
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
51dffe88d974284d6ee18f7bbb8bf5f887e61356239d38386a59832c62866a1e
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
558cdf8f85e407b9a3d6cb9d950a45dffcea07c248c9ee7912b957b7e925fc5e
55e21789822274f05888d684da800b3ef68a9f6bc9cc73a6e9ba5a2cbf3647ce
568358777731489c907e6ca6f48d796e77169bc6eaf39c2f1ffa5685fec16a50
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
61dc5334fab923214249e69e3f5322fa694b3126badfd633f4ca894b2716c62b
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
650b0e5f1fb0e1eaefe8199ee314fd53ef938da7f2764eee3341d16f8df02eeb
6570577389b4c6c0b8899e8bc36b7ec1680d06f07258fb9898604b88b0e6e4ee
66a6a71992bca8fbcea2ddcb7e0b88e5a59ff4b9b75b31465c6e9a1b4ee95d8c
67202d68095e4bb3c52b8d313cdcacf224ddb320327b274b0cfb90c7e7e02638
67b6f842a294879882a1dd6843c2666b93489f162f7cfd3bcbdc2bc6d3e70abe
6880ad520e48455de61a85927c30ba2f6625cc03337272a673962d2dcdc35ab3
6c0cb6a961bf1409f2fcce8a5b7ead73037b84ddc3c7b2fe3a2d61a67aa3f160
6d059b661cdfe21221db0f387ae89fd1bbef1bd22f52690c925b5b1995cd6053
7260eb54a4cc86ec2e12c54e964248db114ac2fecfb71052d0dff13d6b7c6455
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7738bf202b84a7e2e379f9d6b0b9c80092289bfdc74c69dcc630f77d977af898
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d3a8380e22bce35964d89367b446139d44ef5649f80b8a66d1653979513a4af
800e846c90f0cd73a53a42a05ad3e6b022972a791dbef2aa6d5360e7dfcae99e
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
819f9873e80cf405f9397a50bb69aa2b4bc68ef48905f072860a244533f2d086
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71
89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155
90a24e13f72d85b4bb81eb3ae60a241bce5ece63350c71678d61dba57a250f62
90e018d85273826621a5c2d82c57cfa56c1472d4cfd4aed9b348b431d1fee02e
933f31b2690df4b912b6b3241405bf5241061055ddd264b69bd60ba1a01ffbba
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9a5960619ba84379c92016b42ae5a86d5d6602c27e72ffd80ad1ad1bea59b5cd
9b39f20b8e9b35f47f890cdea5e200e1d919e0ce3eaf6a562b7d97732416c665
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51823cc56dd119006d6134366000ccb1b31bcdb1102bd2987b7c04f923ce40b
a6ed52edd0ad164e1cea85578976351284e4c1238c631b3b3fe037986ef09860
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
afcd86a6e57a471b89009cdf2e52218a37bfa4bcd4301bc5dbc12027660c2a64
b30a74a1e467003bb7f40f27975790a68bfd61c6c46965adf6e7fa9b4748610b
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b587e079323833af363c354c232c566cb557792845d0b31a4d187bcb78eda3cd
b6bc6e388e9de01f6c5fe55d3b6a4704b4347e4ba4324fb2d746e5834bccd8eb
b8fa160cf16de5a4ff0ba1dab23df14735f27555ff8d9efb44baeb4dbeba8367
b9bd0f5ce3214ee3079b1c12ca15bc0c95a654d50001fa1a3953c925ffb14a03
bd3fd3452c8e9e93b9d4fd9ba49cdb5a64af8256eb80240db0188a657542ed93
bfcb3c058ae3f7109b929b82c11ed43e59669bcad9b2eeadce56290ebb203b16
c1c76adf18f714171bfa8540cd33abcaa364a2478f9c382abe80dc89c858cbae
c21ad78a68c28b5370b87202c919bea1d5c48fdb3494d76ef722fbc19b032694
c31eccc4277c6187543dcd0cf79f2852f4b990ad656f2551205ef43f445536ac
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6c25db78afda8fe9e5c3795b87d6e28c335247fef158df6f96deb4d6bb3072e
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c99a30008bc08af84e9ad40cfd209d00a8ddbfefd25f729067e3aa2c9da300c7
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
cedb3907578c701df3af4719fca3d463b317c193e493d1a292771ecc44322ed2
d01971f986e350ed026d527853c4a9f8214738e014076ef696841670b06750e9
d27a8cd76006d35f661530aee889349e14b95cd668082190f9a34463b0f5680f
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d462688d92eac8314e0099ef95d24d0d92ddae57571b756edcc9e915847304de
d4f66be9bb767d1aeb8439b170544830a2041dbfbdb82e4d1b574175634f778b
d59ceeab9fd63605ede0475e96258bbbbbff4a6a3165bd2e2e85492b165db7b3
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e1b28d9f956d1bde7655b0a1b8b1c59866f03cccd095e054f7016b5aea17e307
e3ad1f17fd55091c73ae0f5ac26584a3bc0dd8581a5390f73df780416d5973dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e466e2d763bf266d822546b85b19145fc9e701777ba3e7f4c41881b488262726
e50ae8c1c46efcb45faec29e700ee3c2ee9b709308d752e1e3992664a4d4b3c3
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ebf3ca4bfe99968fed627e3b77d8a704ddcf91fa3ad96482f35445437cb34f2b
ec9854c13dcfe382d5bfec2cffc993e76957715ebca2da182ff40f48f3b66e29
ed11a4bac2e4ddba2929e62c72b1e48ace2a1a125de7a39c055e73e1a3f91474
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1559d2f6f7f22630bbaea76a9ed27cf0f62e75c5ce4156699681d6fb1d314bd
f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb
f32f380f75a96ef2fea37bcb46f1ae687cf395773dfdad0793daaf4011d372de
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5
fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac
fba039a84fd38c58124bbe37f6b5f3fda2a8b042cbfdf18af5327dd884095052

www.redegalera.org Open in urlscan Pro 2606:4700:3034::6815:4e4b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

86 %IPv6

21 Domains

28 Subdomains

29 IPs

2 Countries

5988 kBTransfer

11745 kBSize

3 Cookies

19 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.redegalera.org Open in urlscan Pro
2606:4700:3034::6815:4e4b Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

86 %
IPv6

21
Domains

28
Subdomains

29
IPs

2
Countries

5988 kB
Transfer

11745 kB
Size

3
Cookies

193 HTTP transactions
10 data transactions