opovoemfoco.com Open in urlscan Pro
67.23.238.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.opovoemfoco.com/
Effective URL:
https://opovoemfoco.com/
Submission Tags: krdprod
Submission: On May 28 via api (May 28th 2021, 7:42:30 am UTC) from JP

Summary HTTP 136 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 16 domains to perform 136 HTTP transactions. The main IP is 67.23.238.41, located in United States and belongs to DIMENOC, US. The main domain is opovoemfoco.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 13th 2021. Valid for: 3 months.

This is the only time opovoemfoco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	67.23.238.41 67.23.238.41	33182 (DIMENOC) (DIMENOC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	194.1.147.53 194.1.147.53	210250 (WPX) (WPX)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:f800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:a400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	3.209.191.86 3.209.191.86	14618 (AMAZON-AES) (AMAZON-AES)
9	2600:9000:218... 2600:9000:2182:2600:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
136	28

43 67.23.238.41 (United States) 1 redirects

ASN33182 (DIMENOC, US)
PTR: us123-cp.valueserver.com.br

www.opovoemfoco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opovoemfoco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.1.147.53 (Chicago, United States)

ASN210250 (WPX, BG)
PTR: wpx.net

www.happythemes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:f800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:a400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.191.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-191-86.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2182:2600:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	opovoemfoco.com 1 redirects www.opovoemfoco.com opovoemfoco.com	1 MB
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	511 KB
17	doubleclick.net googleads.g.doubleclick.net	110 KB
13	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	42 KB
7	google.com 3 redirects adservice.google.com www.google.com	897 B
4	googletagservices.com www.googletagservices.com	138 KB
4	happythemes.com www.happythemes.com	5 KB
2	2mdn.net s0.2mdn.net	46 KB
2	google.de adservice.google.de	287 B
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com partner.googleadservices.com	259 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	googleapis.com fonts.googleapis.com	817 B
136	16

	Domain	Requested by
42	opovoemfoco.com	opovoemfoco.com
28	tpc.googlesyndication.com	opovoemfoco.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com opovoemfoco.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	opovoemfoco.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	platform-cdn.sharethis.com	opovoemfoco.com
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.happythemes.com	opovoemfoco.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cdn.onesignal.com	opovoemfoco.com
1	platform-api.sharethis.com	opovoemfoco.com
1	www.googletagmanager.com	opovoemfoco.com
1	fonts.googleapis.com	opovoemfoco.com
1	www.opovoemfoco.com	1 redirects
136	23

This site contains links to these domains. Also see Links.

Domain
vaka.me
www.twitter.com
www.facebook.com
www.happythemes.com

Subject Issuer	Validity	Valid
opovoemfoco.com cPanel, Inc. Certification Authority	`2021-03-13` - `2021-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
happythemes.com R3	`2021-05-13` - `2021-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://opovoemfoco.com/
Frame ID: 0DD61E193A041DEAAFD32DAD9D3C62EC
Requests: 78 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: BC1766D3C710FDE1C6F20CAA120ACDA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 104191731109A7D53E556A2AA649C57D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&adk=1812271804&adf=3025194257&lmt=1622187731&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fopovoemfoco.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187731861&bpp=3&bdt=663&idt=117&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=924655521206&frm=20&pv=2&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
Frame ID: EB435D0DBE5A1C52D52E5F213D7E1741
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=3253293875&pi=t.aa~a.2594507593~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=4&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0&nras=2&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1449&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IOTQHHtYgQ&p=https%3A//opovoemfoco.com&dtd=35
Frame ID: EAEDF04BD6FA5FE35035C0633C68EC6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41
Frame ID: 3A49577AB62E3208EC5A72B8A38ED51D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46
Frame ID: 0A117B1F4F1F38B3F7979B3E3B2064E1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51
Frame ID: 1AEAAE1A06DBA29C2864F8AE3FD4177A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=240&adk=2224437777&adf=1742890281&pi=t.aa~a.255320007~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x240&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=2&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280&nras=6&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3761&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7xNFm0NjTQ&p=https%3A//opovoemfoco.com&dtd=54
Frame ID: B020B72E2D6814E3CA02028D047E4018
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=100&adk=3941245255&adf=2053992917&pi=t.aa~a.1229739246~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x100&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280%2C300x240&nras=7&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4226&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=z7JNh44s6K&p=https%3A//opovoemfoco.com&dtd=59
Frame ID: 56A7937B791B2D87EFBA2EDEB0B31A74
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html
Frame ID: 968DD2C763C99B1BF831D2777B031A02
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CIL4v1J6wYKyZDuCCwuIPjfaVgAHTwp3_YprXyJPjDbak8ozTBxABILD3qBJglQKgAfCduvIDyAEJqQKpVKNaV3C0PqgDAcgDSKoE1wFP0NoZsOnDzHHuza7Zeh-hcEAGqE4Ew6Hciv98TbX4ZuRfT6muKecGItq0QCvGECXEyGIMAYCaUrDj1uvxKNvHjizvzj4xP__jij0FMzxukH7eOzRhcyGKrlI9d8AoFUB3D5WBsDABMRMzwPfHPbZoJ3oPGlJu_cSc2yOTNNdU58A44MnNAuRdyQcDKmWv76k1KeQBLzPmepfjx3LcjDPQeqVO0yRJJjeqDhYm66jh54PPX-v9rXqjIBpretyCbZVWuM_8vu3SPOz05MDV7V7Y-L0_gR2788AEtoXX73iSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-OHFDagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCFln3SCAkIgOGAEBABGB-ACgHICwHYEwLQFQGYFgGAFwGyFxoKGAgAEhRwdWItOTMzMjA2Njk3NzUxMTA4OQ&sigh=xiNXNknysk4&template_id=419
Frame ID: 3468518479B7A90AED49C641725B1A01
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AE5F81885C1DCEF94A3F12257350B353
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Frame ID: B34911F4D92180B8CBA1E15BAB83ABAC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CW24e1J6wYLrLDYWFwuIP6Nm0sAKNpPKkYcaqg96rDZDvxMedFhABILD3qBJglQKgAaPWsMQDyAEJqQL2ymYTNnO0PqgDAcgDSKoE4gFP0P0NzEKMpH9BAuFFMGvZam8WrJ6A0xvvoyuJ9E0BEmTgnW5q7eszNkwXGM-UTxhid25lqXpBipmyJQG4bFM04km0pvEvdZPY1GAiiCugBdMQ17qz-_7EJv9iqmEwn14glbA61vlF79dbuk9MSp2CARnss9OQeySW4T7fhagii_ZSQQ0iP7r-SEdb1iRM-9D4GMssPi2AWvgvLBx-e8nkDm_Ho1uuwUcZbg3BJAnjinWqf0i0H5Z9WaX_MqmqMfaP52l5P-LbHrq4ksKmovj3rO1ebgeloQCGasXI02QVIvlMwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDE9DfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTMzMjA2Njk3NzUxMTA4OQ&sigh=6r1OSPz83Gw&template_id=419
Frame ID: 94D8278F679FA65C155D7F2E581DB3B6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4C1DA5AD72DBDD0275B5011F7A8E08F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Frame ID: 02E941DD85A6DD135CC1DDEC7A861D79
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A29FEE02437AF93B5B956DCC4B3CFDCF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: EC28C74708F42CC2A4BD1C0D6A2D1CA8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FD44273C83F97E6651C7CF10F3D41D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.opovoemfoco.com/ HTTP 301
https://opovoemfoco.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

136
Requests

100 %
HTTPS

81 %
IPv6

16
Domains

23
Subdomains

28
IPs

2
Countries

2299 kB
Transfer

3803 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://vaka.me/j29olj
Title: Apoie-nos

Search URL Search Domain Scan URL

URL: http://www.twitter.com/opovoemfoco_

Search URL Search Domain Scan URL

URL: http://www.facebook.com/opovoemfoco

Search URL Search Domain Scan URL

URL: https://www.happythemes.com/
Title: HappyThemes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.opovoemfoco.com/ HTTP 301
https://opovoemfoco.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
opovoemfoco.com/
Redirect Chain

https://www.opovoemfoco.com/
https://opovoemfoco.com/

103 KB
15 KB

769ms
769ms

Document
text/html

67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache / PHP/7.4.16
Resource Hash: a72ad4a87387d87e2e90c3505e8798323f1ff00ecbbf721aefe588a6aedc776c

Request headers

:method: GET
:authority: opovoemfoco.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:10 GMT
server: Apache
x-powered-by: PHP/7.4.16
link: <https://opovoemfoco.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Fri, 28 May 2021 07:42:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15244
content-type: text/html; charset=UTF-8

Redirect headers

date: Fri, 28 May 2021 07:42:09 GMT
server: Apache
x-powered-by: PHP/7.4.16
x-redirect-by: WordPress
location: https://opovoemfoco.com/
cache-control: max-age=0
expires: Fri, 28 May 2021 07:42:09 GMT
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 6 KB
817 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67bc675875f4e5e7d636dbc7da38268c23f3a5370233ac2331a7193add7cfd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 May 2021 05:49:33 GMT
server: ESF
date: Fri, 28 May 2021 07:42:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 May 2021 07:42:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 21ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131835244-1

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9698d31baaaeaa6b53b0ad43e12a1da5e1b87b19f566b14b29fad3b8b8de361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35862
x-xss-protection: 0
last-modified: Fri, 28 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 May 2021 07:42:11 GMT

GET
H2 200 style.min.css
opovoemfoco.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 162ms
159ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 15:41:37 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7849
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 mu-style.css
opovoemfoco.com/wp-content/plugins/sharethis-share-buttons/css/ 26 B
152 B 156ms
153ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

:path: /wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 22 Aug 2017 00:36:20 GMT
server: Apache
vary: User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 style.css
opovoemfoco.com/wp-content/themes/newsnow/ 57 KB
11 KB 228ms
225ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/style.css?ver=20180523
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 43d8fce3a337b7a745c3b12c1e1c2f6fbf03512342dfe3044e4577a59eaaf48a

Request headers

:path: /wp-content/themes/newsnow/style.css?ver=20180523
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10696
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 genericons.css
opovoemfoco.com/wp-content/themes/newsnow/genericons/ 154 B
185 B 156ms
154ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons.css?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

:path: /wp-content/themes/newsnow/genericons/genericons.css?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 129
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 responsive.css
opovoemfoco.com/wp-content/themes/newsnow/ 13 KB
2 KB 158ms
156ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/responsive.css?ver=20161209
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 113e153cd01d73c26f4f1015ed0d4ffbb0c9a1c909fe6b3793c780d71814fec7

Request headers

:path: /wp-content/themes/newsnow/responsive.css?ver=20161209
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2094
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 style.css
opovoemfoco.com/wp-content/plugins/newsletter/ 6 KB
1 KB 156ms
154ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/plugins/newsletter/style.css?ver=7.1.8
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

:path: /wp-content/plugins/newsletter/style.css?ver=7.1.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 19:13:02 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1198
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 frontend-gtag.min.js Show response
opovoemfoco.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 156ms
154ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Request headers

:path: /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:30:40 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2801
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 11ms
10ms Script
text/javascript 2600:9000:2182:600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 36225e386f80d3706232990cc4ca5d50c69bfb3dfb8bbf99d89acfd892c158a5

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:32:22 GMT
content-encoding: gzip
age: 589
etag: W/"19322-6F8eje7mEH07iqf1oc8H7fNRIug"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: IoZLsk1CFIfiBW6lK_xFqx-UuNzcbxsxwf-UmCIVmEi6aySM2uT_Ig==

GET
H2 200 jquery.min.js Show response
opovoemfoco.com/wp-includes/js/jquery/ 87 KB
30 KB 283ms
282ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 19:04:00 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30916
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
opovoemfoco.com/wp-includes/js/jquery/ 11 KB
4 KB 158ms
156ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 19:04:00 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4169
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 May 2021 07:42:11 GMT

GET
H2 200 logo300x90.png
opovoemfoco.com/wp-content/uploads/2019/01/ 3 KB
3 KB 156ms
153ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/01/logo300x90.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 2b62ab86703c0ff1beff7591d4151685a6335fa4013a895e441b749ebea049f7

Request headers

:path: /wp-content/uploads/2019/01/logo300x90.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Sun, 06 Jan 2019 18:04:56 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3286
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 banner-728x90.png
opovoemfoco.com/wp-content/uploads/2019/01/ 51 KB
52 KB 155ms
154ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/01/banner-728x90.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 4893752656cc7d5f8690be5389519314eb776cc152bc299c4a55f90bc954ac40

Request headers

:path: /wp-content/uploads/2019/01/banner-728x90.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Sun, 06 Jan 2019 18:00:01 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 52335
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131835244-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4519
date: Fri, 28 May 2021 06:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 28 May 2021 08:26:52 GMT

GET
H2 200 wp-emoji-release.min.js Show response
opovoemfoco.com/wp-includes/js/ 14 KB
5 KB 154ms
154ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 03:35:30 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4662
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 banner-300x250.png
opovoemfoco.com/wp-content/uploads/2019/01/ 3 KB
3 KB 152ms
152ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/01/banner-300x250.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 378251db9dc7c47ab37d55dfc82287bd892c3b01d34735541f6cf670de39a668

Request headers

:path: /wp-content/uploads/2019/01/banner-300x250.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Sun, 06 Jan 2019 18:23:00 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2860
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 icon-twitter.png
www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/ 1 KB
1 KB 33ms
31ms Image
image/png 194.1.147.53
WPX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/icon-twitter.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.1.147.53 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF02 /
Resource Hash: c65bbe7e278afea762b40363a4bcdc29301b63057d4ec21e0e9ba90e6c751783

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:35 GMT
age: 37
x-edge-location: WPX CLOUD/FF02
x-cache: HIT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1301
pragma: public
referrer-policy
last-modified: Tue, 20 Oct 2020 16:06:09 GMT
server: WPX CLOUD/FF02
etag: "515-5f8f0af1-0;;;"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 May 2022 07:41:35 GMT

GET
H2 200 icon-facebook.png
www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/ 935 B
971 B 34ms
32ms Image
image/png 194.1.147.53
WPX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/icon-facebook.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.1.147.53 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF02 /
Resource Hash: e55869541d8d62428b5dbe5b9fb103a5f6d4279d92d501ffefc6933f09327c42

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:35 GMT
age: 37
x-edge-location: WPX CLOUD/FF02
x-cache: HIT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 935
pragma: public
referrer-policy
last-modified: Tue, 20 Oct 2020 16:06:09 GMT
server: WPX CLOUD/FF02
etag: "3a7-5f8f0af1-0;;;"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 May 2022 07:41:35 GMT

GET
H2 200 icon-google-plus.png
www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/ 1 KB
1 KB 32ms
31ms Image
image/png 194.1.147.53
WPX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/icon-google-plus.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.1.147.53 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF02 /
Resource Hash: 310922b929aa57b74de517f74fb52edf5201c2f3d007ff49e43af71ad38d6310

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:35 GMT
age: 37
x-edge-location: WPX CLOUD/FF02
x-cache: HIT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1349
pragma: public
referrer-policy
last-modified: Tue, 20 Oct 2020 16:06:09 GMT
server: WPX CLOUD/FF02
etag: "545-5f8f0af1-0;;;"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 May 2022 07:41:35 GMT

GET
H2 200 icon-youtube.png
www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/ 1 KB
1 KB 31ms
31ms Image
image/png 194.1.147.53
WPX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.happythemes.com/demo/newsnow-pro/wp-content/themes/newsnow-pro/assets/img/icon-youtube.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.1.147.53 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF02 /
Resource Hash: 87f22b4839be51ff0db3f4a36971a541d8775486441207fa64bdb97948700a3f

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:35 GMT
age: 37
x-edge-location: WPX CLOUD/FF02
x-cache: HIT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1428
pragma: public
referrer-policy
last-modified: Tue, 20 Oct 2020 16:06:09 GMT
server: WPX CLOUD/FF02
etag: "594-5f8f0af1-0;;;"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 May 2022 07:41:35 GMT

GET
H2 200 superfish.js Show response
opovoemfoco.com/wp-content/themes/newsnow/assets/js/ 7 KB
2 KB 155ms
155ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/assets/js/superfish.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

:path: /wp-content/themes/newsnow/assets/js/superfish.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2414
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 modernizr.min.js Show response
opovoemfoco.com/wp-content/themes/newsnow/assets/js/ 15 KB
6 KB 157ms
157ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/assets/js/modernizr.min.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

:path: /wp-content/themes/newsnow/assets/js/modernizr.min.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6246
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 html5.js Show response
opovoemfoco.com/wp-content/themes/newsnow/assets/js/ 10 KB
3 KB 157ms
153ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/assets/js/html5.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

:path: /wp-content/themes/newsnow/assets/js/html5.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3122
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 jquery.custom.js Show response
opovoemfoco.com/wp-content/themes/newsnow/assets/js/ 3 KB
593 B 155ms
152ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/assets/js/jquery.custom.js?ver=20170628
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 932c9568d4e84014b305a72fff85330093277abf03f68eee9c8c7d9088498256

Request headers

:path: /wp-content/themes/newsnow/assets/js/jquery.custom.js?ver=20170628
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 559
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 wp-embed.min.js Show response
opovoemfoco.com/wp-includes/js/ 1 KB
822 B 155ms
152ms Script
application/javascript 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-includes/js/wp-embed.min.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 03:35:30 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 765
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.4
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1462
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6565d84abcf94a67-FRA
cf-request-id: 0a538582b500004a67ff925000000001
expires: Mon, 31 May 2021 07:42:11 GMT

GET
H2 200 genericons.css
opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons/ 28 KB
16 KB 156ms
156ms Stylesheet
text/css 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons/genericons.css
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons.css?ver=5.6.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

:path: /wp-content/themes/newsnow/genericons/genericons/genericons.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons.css?ver=5.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/wp-content/themes/newsnow/genericons/genericons.css?ver=5.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
last-modified: Sun, 30 Dec 2018 21:13:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16441
expires: Sat, 28 May 2022 07:42:11 GMT

GET
H2 200 5c32c06b6aa2aa0011451f69.js Show response
buttons-config.sharethis.com/js/ 787 B
1 KB 26ms
25ms Script
text/javascript 2600:9000:2182:f800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c32c06b6aa2aa0011451f69.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f91bdc0226ee0299e83d54f8d4fb1e2b151590211a41a899e3593e20b6f2e0f

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:35 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jan 2019 03:16:35 GMT
server: AmazonS3
age: 37
etag: "77f02b7f0c9f758294ed7a308065fa21"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 787
x-amz-cf-id: COWiDp7w9fWuPx2HaTU4Pb73YC0xW1433OlQTKjDuV89R_pMGtcTag==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://opovoemfoco.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 209391
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://opovoemfoco.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
age: 209391
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin: https://opovoemfoco.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 fase-carnaval-720x480.png
opovoemfoco.com/wp-content/uploads/2021/01/ 302 KB
304 KB 156ms
151ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2021/01/fase-carnaval-720x480.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: bf3ca351db5713c36f13be049365168a1cbe8e9e6c246e0d85f0dfc3a6767ec5

Request headers

:path: /wp-content/uploads/2021/01/fase-carnaval-720x480.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Fri, 29 Jan 2021 18:36:43 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 309418
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 combustivelFotoMarcosSantos001-300x200.jpg
opovoemfoco.com/wp-content/uploads/2020/12/ 16 KB
16 KB 209ms
205ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/combustivelFotoMarcosSantos001-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 995e2aca18a20c8e1007e5d647faa600907b1a237c633fd7b9f7dbaa23beac81

Request headers

:path: /wp-content/uploads/2020/12/combustivelFotoMarcosSantos001-300x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 29 Dec 2020 22:19:52 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15942
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 pandemia_fim_de_ano-300x200.png
opovoemfoco.com/wp-content/uploads/2020/12/ 54 KB
55 KB 209ms
205ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/pandemia_fim_de_ano-300x200.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 658fc82cab2e749e613b64b4b9e80fc14677773de8ab9677a739b9ce5a3def27

Request headers

:path: /wp-content/uploads/2020/12/pandemia_fim_de_ano-300x200.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 22 Dec 2020 17:44:00 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 55743
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 64354276_2733116076705112_7691367836710600704_n-300x200.jpg
opovoemfoco.com/wp-content/uploads/2020/12/ 9 KB
10 KB 302ms
302ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/64354276_2733116076705112_7691367836710600704_n-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: f353e91b2f6882817486cb4c31da79a519c6e29de2359880352ab14f2b11ac78

Request headers

:path: /wp-content/uploads/2020/12/64354276_2733116076705112_7691367836710600704_n-300x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 22 Dec 2020 02:41:12 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9611
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 64354276_2733116076705112_7691367836710600704_n-600x400.jpg
opovoemfoco.com/wp-content/uploads/2020/12/ 27 KB
27 KB 302ms
302ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/64354276_2733116076705112_7691367836710600704_n-600x400.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 4778dcab6b996cd56cf5b0650f970a88bb5dc045504e2c80dbc22a7ff6c1937f

Request headers

:path: /wp-content/uploads/2020/12/64354276_2733116076705112_7691367836710600704_n-600x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 22 Dec 2020 02:41:12 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27662
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 campanha-de-vacinacao-contra-covid-condemat-edited-300x200.png
opovoemfoco.com/wp-content/uploads/2020/12/ 49 KB
50 KB 297ms
297ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/campanha-de-vacinacao-contra-covid-condemat-edited-300x200.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: b347e21baf5cae51c305d98fe76947aaaa6dd86bedd2141025ff5ca2acf63f8e

Request headers

:path: /wp-content/uploads/2020/12/campanha-de-vacinacao-contra-covid-condemat-edited-300x200.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Thu, 10 Dec 2020 17:43:44 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50619
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 LuisCamargoxJoseLuizMonteiro-300x200.png
opovoemfoco.com/wp-content/uploads/2020/12/ 105 KB
106 KB 302ms
301ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/LuisCamargoxJoseLuizMonteiro-300x200.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 9f09381f73891decdd6ad9d9d14e983e2886a5371abe806bb991ef059cf6a70a

Request headers

:path: /wp-content/uploads/2020/12/LuisCamargoxJoseLuizMonteiro-300x200.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
last-modified: Tue, 08 Dec 2020 18:27:13 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 107415
expires: Sun, 27 Jun 2021 07:42:11 GMT

GET
H2 200 TCE8-300x200.jpg
opovoemfoco.com/wp-content/uploads/2020/12/ 10 KB
10 KB 153ms
152ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/TCE8-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 0fabfd36287fde44b0909f8979e7a5c0cab49f90e6d3c00fe1d4ddaa5637d9dd

Request headers

:path: /wp-content/uploads/2020/12/TCE8-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Fri, 04 Dec 2020 20:55:58 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10483
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 g_1562077566-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/10/ 11 KB
11 KB 152ms
152ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/10/g_1562077566-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 86293e44d58e1e8f256d27908d26824c28184c4588d7d34a60e5276121c548dc

Request headers

:path: /wp-content/uploads/2019/10/g_1562077566-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Mon, 07 Oct 2019 12:10:56 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11254
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 fase-carnaval-600x400.png
opovoemfoco.com/wp-content/uploads/2021/01/ 220 KB
221 KB 153ms
151ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2021/01/fase-carnaval-600x400.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 36cba8b96faf45e4d6a6291bf10a7a88ee0f73d13a0640ad3547bdf572b1aed9

Request headers

:path: /wp-content/uploads/2021/01/fase-carnaval-600x400.png
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Fri, 29 Jan 2021 18:36:43 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 224944
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 InscricaoAniversarioAruja-300x200.jpeg
opovoemfoco.com/wp-content/uploads/2019/04/ 15 KB
15 KB 161ms
160ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/04/InscricaoAniversarioAruja-300x200.jpeg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 8b75a67f5c8b6cfac7c8113bb7c7cf13bed72f7b8c8c299cbb897a6ff9466c31

Request headers

:path: /wp-content/uploads/2019/04/InscricaoAniversarioAruja-300x200.jpeg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Mon, 15 Apr 2019 01:30:43 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15585
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 cultura-01-300x200.jpeg
opovoemfoco.com/wp-content/uploads/2019/02/ 9 KB
9 KB 165ms
165ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/02/cultura-01-300x200.jpeg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 0139f086e9d87dc85607e71fac32f16532ca97215e38b40682135dd26e19275e

Request headers

:path: /wp-content/uploads/2019/02/cultura-01-300x200.jpeg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Mon, 18 Feb 2019 23:47:52 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9461
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 flame-580342_1920-300x200.jpg
opovoemfoco.com/wp-content/uploads/2020/12/ 9 KB
9 KB 156ms
155ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2020/12/flame-580342_1920-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: a7848e0345cbfdda55325a5e4804dacac9b5885411c1be9dc63bac8b04894af0

Request headers

:path: /wp-content/uploads/2020/12/flame-580342_1920-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Thu, 03 Dec 2020 11:03:07 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9280
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190313-WA0062.jpg
opovoemfoco.com/wp-content/uploads/2019/03/ 16 KB
16 KB 159ms
159ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/03/IMG-20190313-WA0062.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 7ed0f094ab5e56199e6f86d3a19c8faa75801ef8f1b6824bef8fc0869fb93514

Request headers

:path: /wp-content/uploads/2019/03/IMG-20190313-WA0062.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Wed, 13 Mar 2019 19:38:04 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16398
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190227-WA0000-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/02/ 13 KB
14 KB 160ms
159ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/02/IMG-20190227-WA0000-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 142889913df3fc2d875920871ce23546e0b95937a3e65186c3338f6e3fc228d6

Request headers

:path: /wp-content/uploads/2019/02/IMG-20190227-WA0000-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Wed, 27 Feb 2019 09:00:32 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13691
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 camaraMunicipadeAruja-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/02/ 15 KB
15 KB 157ms
153ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/02/camaraMunicipadeAruja-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 23fc400a12c29f66e5ccec206bbef0b8256d1896537bbdcf5516ec2933c10bea

Request headers

:path: /wp-content/uploads/2019/02/camaraMunicipadeAruja-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Sun, 24 Feb 2019 21:33:09 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14959
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190514-WA0049-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/05/ 19 KB
19 KB 156ms
154ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/05/IMG-20190514-WA0049-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: f11b175fe8bf3197476825c16801f8c13b0e60aee14f3b5ef627b4990be17a1e

Request headers

:path: /wp-content/uploads/2019/05/IMG-20190514-WA0049-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Tue, 14 May 2019 18:39:07 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19577
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190513-WA0047-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/05/ 14 KB
14 KB 155ms
154ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/05/IMG-20190513-WA0047-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 9ce3d720e9864d2056ed14be116925c01ae9cd2c176036a181c32f806f802bc7

Request headers

:path: /wp-content/uploads/2019/05/IMG-20190513-WA0047-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Tue, 14 May 2019 10:09:46 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14237
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190430-WA0049-300x200.jpg
opovoemfoco.com/wp-content/uploads/2019/04/ 11 KB
11 KB 156ms
155ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/04/IMG-20190430-WA0049-300x200.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 6366599460988d5a2573f89253658648fffa1dec7b363fe8fe8931680da5ff7d

Request headers

:path: /wp-content/uploads/2019/04/IMG-20190430-WA0049-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Tue, 30 Apr 2019 16:13:13 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11612
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 IMG-20190130-WA0036-600x400.jpg
opovoemfoco.com/wp-content/uploads/2019/01/ 44 KB
44 KB 156ms
155ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/01/IMG-20190130-WA0036-600x400.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: a1d43c3ea114a0038c6a880b6cbf54ea2313fd52d6437c6579c3062703aa8413

Request headers

:path: /wp-content/uploads/2019/01/IMG-20190130-WA0036-600x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Wed, 30 Jan 2019 15:29:00 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45149
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 agrotoxicos_brasil-600x350.jpg
opovoemfoco.com/wp-content/uploads/2019/07/ 48 KB
48 KB 153ms
153ms Image
image/jpeg 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/07/agrotoxicos_brasil-600x350.jpg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 546ecebb52eb90dcd74cc7f06279be1b7247d2d720318592402ddc8c0585c21a

Request headers

:path: /wp-content/uploads/2019/07/agrotoxicos_brasil-600x350.jpg
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Wed, 24 Jul 2019 08:51:46 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49380
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 arrecadacao-brumadinho-300x200.png
opovoemfoco.com/wp-content/uploads/2019/01/ 118 KB
118 KB 153ms
153ms Image
image/png 67.23.238.41
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opovoemfoco.com/wp-content/uploads/2019/01/arrecadacao-brumadinho-300x200.png
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.41 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: us123-cp.valueserver.com.br
Software: Apache /
Resource Hash: 5dc4d251da696f0cdaccec5c8fc32cad7c6e58448558991d3b8b9435165a9ef0

Request headers

:path: /wp-content/uploads/2019/01/arrecadacao-brumadinho-300x200.png
pragma: no-cache
cookie: _ga=GA1.2.1972819701.1622187732; _gid=GA1.2.158424555.1622187732; _gat_gtag_UA_131835244_1=1; __gads=ID=7169d5aebc299e57-22888bf44bc8009d:T=1622187732:RT=1622187732:S=ALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA; st_shares_https://opovoemfoco.com/=[object Object]
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: opovoemfoco.com
referer: https://opovoemfoco.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
last-modified: Tue, 29 Jan 2019 19:03:50 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 120385
expires: Sun, 27 Jun 2021 07:42:12 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame BC17 2 KB
1 KB 11ms
11ms Document
text/html 2600:9000:2182:a400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Fri, 28 May 2021 07:25:19 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 3btgGsPOe7dtrH3cnMVgD3hRagZ4vVyr9f_wY2jeQPpRtAQDg_B1LQ==
age: 1012

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=11090425&t=pageview&_s=1&dl=https%3A%2F%2Fopovoemfoco.com%2F&ul=en-us&de=UTF-8&dt=O%20Povo%20em%20Foco%20-%20Jornal%20O%20Povo%20em%20Foco&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=448926782&gjid=1863433706&cid=1972819701.1622187732&tid=UA-131835244-1&_gid=158424555.1622187732&_r=1&gtm=2ou5q1&did=dZGIzZG&z=677126256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 May 2021 07:42:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://opovoemfoco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9332066977511089&plah=opovoemfoco.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 May 2021 07:42:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 1041 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 27 May 2021 22:01:17 GMT
expires: Thu, 10 Jun 2021 22:01:17 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 34854
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 188 B
434 B 134ms
132ms Script
text/javascript 3.209.191.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb3&url=https%3A%2F%2Fopovoemfoco.com%2F
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.191.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-191-86.compute-1.amazonaws.com
Software: / Express
Resource Hash: 3486c9f9e01ce861333b3952122752ff4849efebdb12e2ae2edcd5d1b19a50a2

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 07:42:11 GMT
Cache-Control: public, max-age=900
ETag: b02d80bcf9022a9e4f11cddd7a7b66eb
Connection: keep-alive
X-Powered-By: Express
Content-Length: 188
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 15ms
12ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 May 2021 17:58:45 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1172607
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: y96FuB3NQbXAmDG_6UaH4MqLyZlxBIRxUpcN0W8Y7SXQDQNSFueY6g==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 15ms
13ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 09:16:00 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 858372
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: rfE3ViQkr9bCcMiFixO19e6VqkS-Dj4y9Xq9cViPWJFzONVsp4o1Pw==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 16ms
14ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 10:59:15 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 852176
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: -U14Jg6yd4qjM2wRMIplcSaWIeX1uuupVqgJ-8SMywCZi7_LPgJThw==

GET
H2 200 vk.svg
platform-cdn.sharethis.com/img/ 1 KB
974 B 16ms
14ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/vk.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 00:56:45 GMT
content-encoding: gzip
etag: W/"f238e4028c98d372f31a02eebee35a6f"
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 110727
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 5lWVUaY9Yu-UREiF-ZbQbhDvvRPW9PsgR7lTOkEj46rLFQwS4bDiPA==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 16ms
14ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 16:02:42 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 920370
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: -8iqetfMwTSm4qrIQmQ5sIXnEIKWNpTzY4ZRxjMC_FXPqy3ulJvOBw==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
723 B 16ms
14ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 May 2021 01:48:15 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1403637
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: 3NZf9VxmDiwLm-amYnJdNF6VlF5SLMLVds7fl8q7AF9Ty1ydEMQOfQ==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
892 B 12ms
9ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 15 May 2021 08:11:19 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1121453
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: fOIvvROlGvp47-ojyF5g7U2k_tebSKdFvG5uzdS2pSw6HTSlP2agaQ==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
945 B 12ms
10ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 08 May 2021 08:49:07 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1723984
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: Y4Py3lFJkqhz4Dp06wpWnxB7E0FYPHKAS3KIEHEvx_1vZIAeAsiv0A==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
942 B 12ms
10ms Image
image/svg+xml 2600:9000:2182:2600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by: Host: opovoemfoco.com
URL: https://opovoemfoco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 May 2021 17:59:03 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1172589
etag: "9928d025bd5792b718ee0a185f62e67c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: foMMoS6dm2JQNDsAZtbzqgY9crslZpuasBEQCQ0rMkTsn7r6gM-O4w==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
337 B 83ms
83ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=opovoemfoco.com&location=%2F&product=unknown&url=https%3A%2F%2Fopovoemfoco.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=O%20Povo%20em%20Foco%20-%20Jornal%20O%20Povo%20em%20Foco&cms=unknown&publisher=5c32c06b6aa2aa0011451f69&sop=true&bsamesite=true&consent_cookie_duration=353&consent_duration=353&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Jornal%20O%20Povo%20em%20Foco
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 07:42:12 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://opovoemfoco.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
259 B 43ms
42ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=opovoemfoco.com&callback=_gfp_s_&client=ca-pub-9332066977511089

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9332066977511089&plah=opovoemfoco.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5124685cc217b3e6316935612442be48aec70b66fb30120c17a8a4b90059b932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opovoemfoco.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opovoemfoco.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 07:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB43 19 KB
2 KB 69ms
68ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&adk=1812271804&adf=3025194257&lmt=1622187731&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fopovoemfoco.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187731861&bpp=3&bdt=663&idt=117&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=924655521206&frm=20&pv=2&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2c56f3ae0352662a9670dfb537517f8d7f69c2c99792041cdf5da6b94e99e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&adk=1812271804&adf=3025194257&lmt=1622187731&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fopovoemfoco.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187731861&bpp=3&bdt=663&idt=117&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=924655521206&frm=20&pv=2&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 1655
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-May-2021 07:57:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 28 May 2021 07:42:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opovoemfoco.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 07:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opovoemfoco.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 07:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAED 399 B
223 B 174ms
174ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=3253293875&pi=t.aa~a.2594507593~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=4&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0&nras=2&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1449&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IOTQHHtYgQ&p=https%3A//opovoemfoco.com&dtd=35

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1814b105d71c158b3da0d65c1501f0653cb0c2602d91341d14eb5aca20a31dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=3253293875&pi=t.aa~a.2594507593~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=4&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0&nras=2&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1449&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IOTQHHtYgQ&p=https%3A//opovoemfoco.com&dtd=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUk6WK_jF7EY87aOPyq2L8MYsfMjBnH_GVd1uM9Rn3TYWdMZd0pWaB6GXWng6FM; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A49 108 KB
35 KB 790ms
790ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87791a1a456989de2830a853921cfd4be9b3144d85b6cfc56b68c728c547d1bb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqFp5zw6_ACFYWCUAYd6CwNJg&gqi=1J6wYJ7xDPSBmwfcuKawCQ&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqFp5zw6_ACFYWCUAYd6CwNJg&gqi=1J6wYJ7xDPSBmwfcuKawCQ&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 35639
x-xss-protection: 0
set-cookie: IDE=AHWqTUlvuhO0-6vB2L6Jk4_d8e8Re5tLRpmehhgK5RxNlyahZg9y8FpGqQpEt0o69Lk; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A11 93 KB
33 KB 1060ms
1060ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99d18f8245ce7688c0f69721d56f1eed2f45df76fdc6f76ff6840a5b68d1afbd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNOop5zw6_ACFRm47Qod25UPmA&gqi=1J6wYMKjDY691fAPsd-Y0AU&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNOop5zw6_ACFRm47Qod25UPmA&gqi=1J6wYMKjDY691fAPsd-Y0AU&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:13 GMT
server: cafe
content-length: 34109
x-xss-protection: 0
set-cookie: IDE=AHWqTUkGw72NZOmz96E7uuGsdaE1SLZMdWT1podnOVM3xSKLDcRhjDECkqDFVY4nQPE; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AEA 109 KB
35 KB 623ms
622ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddd0327662248ef32874736c5ed4710c86ad6cb4b720bc3e237d2b0862f90e76

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKzTp5zw6_ACFWCBUAYdDXsFEA&gqi=1J6wYPbBDdWBmweTia2oCQ&layout=/sadbundle/%24csp%253Der3%24/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKzTp5zw6_ACFWCBUAYdDXsFEA&gqi=1J6wYPbBDdWBmweTia2oCQ&layout=/sadbundle/%24csp%253Der3%24/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 35776
x-xss-protection: 0
set-cookie: IDE=AHWqTUka3WhL04aXEWHwndol4YXBdkS9XAK6skjE5TmKXJ92MEoF6zlJMSxuFxRyReI; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B020 399 B
223 B 170ms
168ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=240&adk=2224437777&adf=1742890281&pi=t.aa~a.255320007~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x240&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=2&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280&nras=6&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3761&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7xNFm0NjTQ&p=https%3A//opovoemfoco.com&dtd=54

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353f9e27b643547e34ad557c6e1c7543c193f2b12c75ce0e7d65782c8971b58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=240&adk=2224437777&adf=1742890281&pi=t.aa~a.255320007~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x240&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=2&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280&nras=6&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3761&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7xNFm0NjTQ&p=https%3A//opovoemfoco.com&dtd=54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUns-ySbg474VhCOWw5I4jnRssEW6yR9mVGVKF4r_M4pWvjbatEnAX8BTurbepw; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56A7 399 B
223 B 199ms
199ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=100&adk=3941245255&adf=2053992917&pi=t.aa~a.1229739246~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x100&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280%2C300x240&nras=7&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4226&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=z7JNh44s6K&p=https%3A//opovoemfoco.com&dtd=59

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb7eea7d77d9ce0cb51578b5e1d3285ae2324ea8b1bef327f99e63e5cd7255c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9332066977511089&output=html&h=100&adk=3941245255&adf=2053992917&pi=t.aa~a.1229739246~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x100&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600%2C430x280%2C300x240&nras=7&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4226&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=z7JNh44s6K&p=https%3A//opovoemfoco.com&dtd=59
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 May 2021 07:42:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUmvx-kTuPqs_jrcq9YI9Db0YPquO1oiGqH_979_mCFQqZbcsmP3bgd3VHmQ0x0; expires=Wed, 22-Jun-2022 07:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:12 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/ Frame 968D 70 KB
44 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0124d3198661e17da56fd6d92bb0e6c6c5e3318600363f9f3f350c6a7ff3008f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 27 May 2021 21:34:01 GMT
expires: Fri, 27 May 2022 21:34:01 GMT
last-modified: Wed, 21 Apr 2021 23:39:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 44122
age: 36491
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3468 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIL4v1J6wYKyZDuCCwuIPjfaVgAHTwp3_YprXyJPjDbak8ozTBxABILD3qBJglQKgAfCduvIDyAEJqQKpVKNaV3C0PqgDAcgDSKoE1wFP0NoZsOnDzHHuza7Zeh-hcEAGqE4Ew6Hciv98TbX4ZuRfT6muKecGItq0QCvGECXEyGIMAYCaUrDj1uvxKNvHjizvzj4xP__jij0FMzxukH7eOzRhcyGKrlI9d8AoFUB3D5WBsDABMRMzwPfHPbZoJ3oPGlJu_cSc2yOTNNdU58A44MnNAuRdyQcDKmWv76k1KeQBLzPmepfjx3LcjDPQeqVO0yRJJjeqDhYm66jh54PPX-v9rXqjIBpretyCbZVWuM_8vu3SPOz05MDV7V7Y-L0_gR2788AEtoXX73iSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-OHFDagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCFln3SCAkIgOGAEBABGB-ACgHICwHYEwLQFQGYFgGAFwGyFxoKGAgAEhRwdWItOTMzMjA2Njk3NzUxMTA4OQ&sigh=xiNXNknysk4&template_id=419

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 28 May 2021 07:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 3468 17 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:40:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 3468 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:39:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3468 121 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 07:42:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 3468 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:41:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:41:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3468 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTciaRW9DwOaVB_D3jNski4pKlaW74SNwq5qyaAK85JNzymSis6ioa77WPgkTzGC-yZWNQUtnQ_0XUr6d2M8_vcpws-jw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 968D 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 968D 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H3-29 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/ Frame 968D 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 595705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 23:39:35 GMT
server: sffe
date: Fri, 21 May 2021 10:13:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 10:13:47 GMT

GET
H3-29 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/ Frame 968D 17 KB
17 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 525171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17698
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 23:39:35 GMT
server: sffe
date: Sat, 22 May 2021 05:49:21 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 05:49:21 GMT

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/ Frame 968D 28 KB
28 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b4a819d1f549f29f9681b30e8eb207fb27774f92aa9d4289a380901dcf78f18

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 103312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28790
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 23:39:35 GMT
server: sffe
date: Thu, 27 May 2021 03:00:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 03:00:20 GMT

GET
H3-29 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/ Frame 968D 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 595705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 23:39:35 GMT
server: sffe
date: Fri, 21 May 2021 10:13:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 10:13:47 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE5F 143 B
163 B 9ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUka3WhL04aXEWHwndol4YXBdkS9XAK6skjE5TmKXJ92MEoF6zlJMSxuFxRyReI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=133357044&adf=45620500&pi=t.aa~a.4162979979~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=958&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280%2C300x600&nras=5&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2956&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=AfRidfHmnk&p=https%3A//opovoemfoco.com&dtd=51

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 May 2021 07:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 3468 0
56 B 41ms
39ms Other
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKzTp5zw6_ACFWCBUAYdDXsFEA&gqi=1J6wYPbBDdWBmweTia2oCQ&layout=/sadbundle/%24csp%253Der3%24/13309764347718084255/nt_s21-DE_300x250_find-the-tyres-that-suit-you/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 28 May 2021 07:42:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3468 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f936ade97a424ffe7d7bb1c35469f5e2fa0ecb6bd897b8e2d13365b64b7548

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 968D 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE5F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlvuhO0-6vB2L6Jk4_d8e8Re5tLRpmehhgK5RxNlyahZg9y8FpGqQpEt0o69Lk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 28-May-2021 08:42:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame 968D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 59990
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 27 May 2022 15:02:22 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame B349 11 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5442514344972767536/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2960
date: Tue, 25 May 2021 22:17:13 GMT
expires: Wed, 25 May 2022 22:17:13 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 206700
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94D8 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW24e1J6wYLrLDYWFwuIP6Nm0sAKNpPKkYcaqg96rDZDvxMedFhABILD3qBJglQKgAaPWsMQDyAEJqQL2ymYTNnO0PqgDAcgDSKoE4gFP0P0NzEKMpH9BAuFFMGvZam8WrJ6A0xvvoyuJ9E0BEmTgnW5q7eszNkwXGM-UTxhid25lqXpBipmyJQG4bFM04km0pvEvdZPY1GAiiCugBdMQ17qz-_7EJv9iqmEwn14glbA61vlF79dbuk9MSp2CARnss9OQeySW4T7fhagii_ZSQQ0iP7r-SEdb1iRM-9D4GMssPi2AWvgvLBx-e8nkDm_Ho1uuwUcZbg3BJAnjinWqf0i0H5Z9WaX_MqmqMfaP52l5P-LbHrq4ksKmovj3rO1ebgeloQCGasXI02QVIvlMwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDE9DfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTMzMjA2Njk3NzUxMTA4OQ&sigh=6r1OSPz83Gw&template_id=419

Requested by

Host: opovoemfoco.com
URL: https://opovoemfoco.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 28 May 2021 07:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 94D8 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:39:08 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 94D8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:34:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94D8 121 KB
37 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 07:42:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 94D8 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:34:17 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C1D 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlvuhO0-6vB2L6Jk4_d8e8Re5tLRpmehhgK5RxNlyahZg9y8FpGqQpEt0o69Lk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=280&adk=419266829&adf=4214403535&pi=t.aa~a.3242869890~rp.3&w=430&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=430x280&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600&nras=3&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=trXgySSoOB&p=https%3A//opovoemfoco.com&dtd=41

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 May 2021 07:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 774
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 94D8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbd4494b652bb210035d79a229a6db3531d4c82a408dbc7f121e9c5bf75e7295

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 94D8 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqFp5zw6_ACFYWCUAYd6CwNJg&gqi=1J6wYJ7xDPSBmwfcuKawCQ&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 28 May 2021 07:42:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B349 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B349 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B349 57 KB
23 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 07:42:13 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C1D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlvuhO0-6vB2L6Jk4_d8e8Re5tLRpmehhgK5RxNlyahZg9y8FpGqQpEt0o69Lk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 28-May-2021 08:42:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame B349 906 B
933 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 357407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Mon, 24 May 2021 04:25:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 04:25:26 GMT

GET
H3-29 200 1ad6b5aa39cdeb703ff094f477328c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame B349 38 KB
38 KB 8ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/1ad6b5aa39cdeb703ff094f477328c96.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 552929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38697
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Fri, 21 May 2021 22:06:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 22:06:44 GMT

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame B349 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 59991
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 27 May 2022 15:02:22 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 0A11 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:39:08 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0A11 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:34:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A11 121 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 07:42:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0A11 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 07:34:17 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 02E9 11 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16986808040249150219/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2990
date: Fri, 28 May 2021 04:51:05 GMT
expires: Sat, 28 May 2022 04:51:05 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 10268
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0A11 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYOGr1J6wYNPuDZnwtgfbq77ACY2k8qRh7qqD3qsNkO_Ex50WEAEgsPeoEmCVAqABo9awxAPIAQmpAvbKZhM2c7Q-qAMByANIqgTcAU_Q6LbBpZlrUTjvxINEpAwYWHThRzCvCICG9y_PQxVxq6PnKbyHb8HegmHswqsLEtldbfJUdRJsTwMTDuxjIcdheofoX6ElB4-PkBPopS5VZXNuwKwZNLtMw-5yBjc8lVGGjMa6MKG4IFffdWDsBwHR8rjRVC3GnpkO9uIHYKkKAEfZpTv7F_OGTs1VSAvOIJ93_6_Fk1QeUQQz0rk3xVz6teVdrHBPsISpxqkq02Jzeo0M_yYIR6XpviUFetzYZ-PUazrznj47ou7iCAlXxNAzpZAOv8C8rUQImyvABMfPtL6yApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFqc87qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMfTFtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi05MzMyMDY2OTc3NTExMDg5&sigh=bsX1XvkqcZ8&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 28 May 2021 07:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A29F 143 B
163 B 10ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkGw72NZOmz96E7uuGsdaE1SLZMdWT1podnOVM3xSKLDcRhjDECkqDFVY4nQPE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9332066977511089&output=html&h=600&adk=2562254491&adf=4276347427&pi=t.aa~a.3891073050~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1622187732&rafmt=1&to=qs&pwprc=4451224861&psa=0&format=300x600&url=https%3A%2F%2Fopovoemfoco.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622187732156&bpp=1&bdt=959&idt=-M&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7169d5aebc299e57-22888bf44bc8009d%3AT%3D1622187732%3ART%3D1622187732%3AS%3DALNI_MZo_Rr7DHZooCUgnITx6R9jJ0JjlA&prev_fmts=0x0%2C300x600%2C430x280&nras=4&correlator=924655521206&frm=20&pv=1&ga_vid=1972819701.1622187732&ga_sid=1622187732&ga_hid=11090425&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=96551237707363&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Rl08gwxfiJ&p=https%3A//opovoemfoco.com&dtd=46

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 May 2021 07:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 774
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0A11 0
20 B 41ms
39ms Other
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNOop5zw6_ACFRm47Qod25UPmA&gqi=1J6wYMKjDY691fAPsd-Y0AU&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 28 May 2021 07:42:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0A11 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5a918ed7ecaacbda5c96a93e61988ab614bdae57cbfecec76d17ebbaa2bd9cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 02E9 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 02E9 26 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H3-29 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 02E9 57 KB
23 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 07:42:13 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A29F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkGw72NZOmz96E7uuGsdaE1SLZMdWT1podnOVM3xSKLDcRhjDECkqDFVY4nQPE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 28-May-2021 08:42:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 07:42:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 07:42:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 02E9 989 B
1019 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 551575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 989
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Fri, 21 May 2021 22:29:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 22:29:18 GMT

GET
H3-29 200 18b0007183d0bb7a5606546c7ff0290f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 02E9 116 KB
116 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/18b0007183d0bb7a5606546c7ff0290f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 551575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119162
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Fri, 21 May 2021 22:29:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 22:29:18 GMT

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame 02E9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 59991
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 27 May 2022 15:02:22 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 23ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ec23c4a92342426d2658f56c0be05d65c28c1cffb96cf4e6309342c0a869be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7661
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 28 May 2021 07:42:13 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame EC28 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 28 May 2021 06:44:20 GMT
expires: Sat, 28 May 2022 06:44:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3473
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FD4 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf621d2e681ed38341c75c9651a1fba683ca1019d390f034f36d4adcbc263fd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7BWMSXCAo1AgooInXIjT4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovoemfoco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovoemfoco.com/

Response headers

expires: Fri, 28 May 2021 07:42:13 GMT
date: Fri, 28 May 2021 07:42:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7BWMSXCAo1AgooInXIjT4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame EC28 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 59991
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 27 May 2022 15:02:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=96551237707363&bg=!MzClMHTNAAaMan2LjGo7ACkAdvg8WjhKEmWwDfMVHj_AMw5PTFGnfaHwMLdplI6m6d5cpDPqMyD6KgIAAABiUgAAAA5oAQcKAKhbrJeO5XQl6KX8X586uQHxRUc7kCJKLx_eK-JFglXBdb7J9E5wVUXBXJBy_Q-rEfj6tyRqJ343OL2Tlxv9VFSrBY3TkMa9cEWry4yR1oxUvxo7NpZdnVp7iVQWcFoZfAyIFV4kDJHCtEGDcJgI0hDPWJCjuCwZmbqREQPBQTjalzqkFogAUuT6QzYmDCwZaVehNlyMS4w13tnRqKpELK4aeKy5eWxFOUWZAkFyI22jGPlyeAqbWjOEXPE1SM_LwDmI2eJz7cBIcz4BvKYrerVI4gU7jIYvvWcgl5XfDdKP4eh_ARoKt-s3qwYi7_H_Ho3WMVIOVMXP-DDUVWoeHn5qQNgw_G0s4MvPcI9QjtX9vtpWSZjOjJzHicjeMXxww3wlvEJvsL29rqaWXKy-czCdJs7K89RK-NV71Om_mFNnclj-K86arVUsN2Lpb848jM5i5VOkUHKjtSPf9mkPdGudKygexPBg9Uu6c2fOChBPd8dcU3tXBQ-NKo402fRPdrjyhBBKzkkDfWVDHRJ5Xc5DUHq47mL6GrwQDevUdCxlRuDpy34xKg0y_610c4LcYhSY2QyeWw2iCVO0N4yRTSi2om3IE52KLZ0SVSTeGkoxPF_m6PLuplx4q06hg-0bSPHzrVpmyNExM2zb8sON37lK040Ax2HqAH3jah55hPrCRpI5zYgBoLYy52Qe2O66nlWVi-0k-RoIH_ArY7b-KbscARXsybPKlT-XxB25O9TAfQQxdm3-0nox__jrro2A-RfS35vs7ORjdtEiR6L4VSKg-0KgtUm5bwfGJ5YQdxFvDp20K_YHvkxulDD1xmgBnluhpWb-oXDOdMIkoSpXie3hoyTqjb4X92gNIvMdXvnMk4Uaj-erwhBAm9CLAmCBA6WNuo5vvhfiWBIbL0HtIEx5CQDJjLNmH3RQbyWocF2XXiYKRTXg_G5PC62OylUkyyRMvGcSz50M7DehD1ntdMGloq4b-a9YhBGvye1b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opovoemfoco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 07:42:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 03:58:03	Name: IDE Value: AHWqTUkGw72NZOmz96E7uuGsdaE1SLZMdWT1podnOVM3xSKLDcRhjDECkqDFVY4nQPE
			.doubleclick.net/	1970-01-19 18:36:31	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://opovoemfoco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.4(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.onesignal.com
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
opovoemfoco.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.happythemes.com
www.opovoemfoco.com
142.250.181.226
194.1.147.53
2600:9000:2182:2600:1d:85c3:6640:93a1
2600:9000:2182:600:1c:8a07:5e80:93a1
2600:9000:2182:a400:c:a9b7:ddc0:93a1
2600:9000:2182:f800:c:abe:f440:93a1
2606:4700::6812:e134
2a00:1450:4001:802::2002
2a00:1450:4001:803::2006
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
3.209.191.86
52.29.0.64
67.23.238.41
0124d3198661e17da56fd6d92bb0e6c6c5e3318600363f9f3f350c6a7ff3008f
0139f086e9d87dc85607e71fac32f16532ca97215e38b40682135dd26e19275e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
0b2c56f3ae0352662a9670dfb537517f8d7f69c2c99792041cdf5da6b94e99e7
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0fabfd36287fde44b0909f8979e7a5c0cab49f90e6d3c00fe1d4ddaa5637d9dd
113e153cd01d73c26f4f1015ed0d4ffbb0c9a1c909fe6b3793c780d71814fec7
11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f
142889913df3fc2d875920871ce23546e0b95937a3e65186c3338f6e3fc228d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1814b105d71c158b3da0d65c1501f0653cb0c2602d91341d14eb5aca20a31dfc
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
23fc400a12c29f66e5ccec206bbef0b8256d1896537bbdcf5516ec2933c10bea
2b62ab86703c0ff1beff7591d4151685a6335fa4013a895e441b749ebea049f7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
310922b929aa57b74de517f74fb52edf5201c2f3d007ff49e43af71ad38d6310
3486c9f9e01ce861333b3952122752ff4849efebdb12e2ae2edcd5d1b19a50a2
353f9e27b643547e34ad557c6e1c7543c193f2b12c75ce0e7d65782c8971b58c
36225e386f80d3706232990cc4ca5d50c69bfb3dfb8bbf99d89acfd892c158a5
36cba8b96faf45e4d6a6291bf10a7a88ee0f73d13a0640ad3547bdf572b1aed9
378251db9dc7c47ab37d55dfc82287bd892c3b01d34735541f6cf670de39a668
43d8fce3a337b7a745c3b12c1e1c2f6fbf03512342dfe3044e4577a59eaaf48a
4778dcab6b996cd56cf5b0650f970a88bb5dc045504e2c80dbc22a7ff6c1937f
4893752656cc7d5f8690be5389519314eb776cc152bc299c4a55f90bc954ac40
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5124685cc217b3e6316935612442be48aec70b66fb30120c17a8a4b90059b932
546ecebb52eb90dcd74cc7f06279be1b7247d2d720318592402ddc8c0585c21a
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54f936ade97a424ffe7d7bb1c35469f5e2fa0ecb6bd897b8e2d13365b64b7548
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5dc4d251da696f0cdaccec5c8fc32cad7c6e58448558991d3b8b9435165a9ef0
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6366599460988d5a2573f89253658648fffa1dec7b363fe8fe8931680da5ff7d
658fc82cab2e749e613b64b4b9e80fc14677773de8ab9677a739b9ce5a3def27
67bc675875f4e5e7d636dbc7da38268c23f3a5370233ac2331a7193add7cfd76
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7b4a819d1f549f29f9681b30e8eb207fb27774f92aa9d4289a380901dcf78f18
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
7ed0f094ab5e56199e6f86d3a19c8faa75801ef8f1b6824bef8fc0869fb93514
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
86293e44d58e1e8f256d27908d26824c28184c4588d7d34a60e5276121c548dc
87791a1a456989de2830a853921cfd4be9b3144d85b6cfc56b68c728c547d1bb
87f22b4839be51ff0db3f4a36971a541d8775486441207fa64bdb97948700a3f
8b75a67f5c8b6cfac7c8113bb7c7cf13bed72f7b8c8c299cbb897a6ff9466c31
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
932c9568d4e84014b305a72fff85330093277abf03f68eee9c8c7d9088498256
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
995e2aca18a20c8e1007e5d647faa600907b1a237c633fd7b9f7dbaa23beac81
99d18f8245ce7688c0f69721d56f1eed2f45df76fdc6f76ff6840a5b68d1afbd
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9ce3d720e9864d2056ed14be116925c01ae9cd2c176036a181c32f806f802bc7
9f09381f73891decdd6ad9d9d14e983e2886a5371abe806bb991ef059cf6a70a
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
9f91bdc0226ee0299e83d54f8d4fb1e2b151590211a41a899e3593e20b6f2e0f
a1d43c3ea114a0038c6a880b6cbf54ea2313fd52d6437c6579c3062703aa8413
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a72ad4a87387d87e2e90c3505e8798323f1ff00ecbbf721aefe588a6aedc776c
a7848e0345cbfdda55325a5e4804dacac9b5885411c1be9dc63bac8b04894af0
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3
b347e21baf5cae51c305d98fe76947aaaa6dd86bedd2141025ff5ca2acf63f8e
bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7
bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9
bf3ca351db5713c36f13be049365168a1cbe8e9e6c246e0d85f0dfc3a6767ec5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c65bbe7e278afea762b40363a4bcdc29301b63057d4ec21e0e9ba90e6c751783
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cb7eea7d77d9ce0cb51578b5e1d3285ae2324ea8b1bef327f99e63e5cd7255c6
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
cf621d2e681ed38341c75c9651a1fba683ca1019d390f034f36d4adcbc263fd2
d1ec23c4a92342426d2658f56c0be05d65c28c1cffb96cf4e6309342c0a869be
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dbd4494b652bb210035d79a229a6db3531d4c82a408dbc7f121e9c5bf75e7295
ddd0327662248ef32874736c5ed4710c86ad6cb4b720bc3e237d2b0862f90e76
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55869541d8d62428b5dbe5b9fb103a5f6d4279d92d501ffefc6933f09327c42
e5a918ed7ecaacbda5c96a93e61988ab614bdae57cbfecec76d17ebbaa2bd9cd
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9698d31baaaeaa6b53b0ad43e12a1da5e1b87b19f566b14b29fad3b8b8de361
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f11b175fe8bf3197476825c16801f8c13b0e60aee14f3b5ef627b4990be17a1e
f353e91b2f6882817486cb4c31da79a519c6e29de2359880352ab14f2b11ac78
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

opovoemfoco.com Open in urlscan Pro 67.23.238.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

81 %IPv6

16 Domains

23 Subdomains

28 IPs

2 Countries

2299 kBTransfer

3803 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

opovoemfoco.com Open in urlscan Pro
67.23.238.41 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

81 %
IPv6

16
Domains

23
Subdomains

28
IPs

2
Countries

2299 kB
Transfer

3803 kB
Size

2
Cookies

136 HTTP transactions
5 data transactions