entreterse.com.br Open in urlscan Pro
104.21.68.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://entreterse.com.br/
Effective URL:
https://entreterse.com.br/
Submission: On March 16 via api (March 16th 2021, 12:02:52 pm UTC) from US

Summary HTTP 324 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 52 domains to perform 324 HTTP transactions. The main IP is 104.21.68.181, located in United States and belongs to CLOUDFLARENET, US. The main domain is entreterse.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time entreterse.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 28	104.21.68.181 104.21.68.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
65	52.216.185.211 52.216.185.211	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	52.5.234.188 52.5.234.188	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
43	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	13.32.21.49 13.32.21.49	16509 (AMAZON-02) (AMAZON-02)
1	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:8400:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:206... 2600:9000:206f:8200:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST)
2 9	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4 4	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
2 3	54.228.114.223 54.228.114.223	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.178 208.100.17.178	32748 (STEADFAST) (STEADFAST)
1 1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.19.239.39 52.19.239.39	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 6	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	34.197.150.80 34.197.150.80	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
324	56

28 104.21.68.181 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

entreterse.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

api.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 52.216.185.211 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

entreterse.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.234.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

as.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.21.49 (United States)

ASN16509 (AMAZON-02, US)

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)

d.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8400:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8200:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (United States)

ASN32748 (STEADFAST, US)

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.108.145.8 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.15 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.114.223 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.239.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-239-39.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.63.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.216 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.150.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

px.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	amazonaws.com entreterse.s3.amazonaws.com	3 MB
54	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com	477 KB
43	facebook.com www.facebook.com	981 KB
28	entreterse.com.br 4 redirects entreterse.com.br	484 KB
20	doubleclick.net 4 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	210 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	245 KB
17	infolinks.com resources.infolinks.com router.infolinks.com	276 KB
13	google.com 2 redirects www.google.com fundingchoicesmessages.google.com adservice.google.com	79 KB
9	pubmatic.com 8 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	5 KB
9	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	10 KB
8	gravatar.com secure.gravatar.com	32 KB
8	cazamba.com api.cazamba.com as.cazamba.com cdn.cazamba.com px.cazamba.com	43 KB
6	googletagservices.com www.googletagservices.com	183 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	150 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	3 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google.de www.google.de adservice.google.de	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	7 KB
2	trvdp.com go.trvdp.com s.trvdp.com	91 KB
2	tailtarget.com d.tailtarget.com d.t.tailtarget.com	6 KB
2	truvidplayer.com stg.truvidplayer.com	7 KB
2	facebook.net connect.facebook.net	62 KB
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	simpli.fi 1 redirects um.simpli.fi	627 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	turn.com 1 redirects ad.turn.com	425 B
1	2mdn.net s0.2mdn.net	23 KB
1	ad-score.com data.ad-score.com	726 B
1	rfihub.com 1 redirects p.rfihub.com	755 B
1	ck-ie.com 1 redirects us.ck-ie.com	482 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	33across.com ssc-cms.33across.com	72 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	navdmp.com tag.navdmp.com	3 KB
1	googleadservices.com partner.googleadservices.com	646 B
1	cloudflare.com cdnjs.cloudflare.com	31 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
324	52

	Domain	Requested by
65	entreterse.s3.amazonaws.com	entreterse.com.br
43	www.facebook.com	entreterse.com.br connect.facebook.net www.facebook.com
38	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com entreterse.com.br 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com pagead2.googlesyndication.com
28	entreterse.com.br	4 redirects entreterse.com.br
14	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
14	pagead2.googlesyndication.com	entreterse.com.br pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
12	fonts.gstatic.com	fonts.googleapis.com
8	secure.gravatar.com	entreterse.com.br
6	image8.pubmatic.com	5 redirects router.infolinks.com
6	www.googletagservices.com	pagead2.googlesyndication.com cdn.cazamba.com googleads.g.doubleclick.net 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects entreterse.com.br
4	cm.g.doubleclick.net	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	ib.adnxs.com	4 redirects
4	www.google.com	2 redirects entreterse.com.br 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
4	fonts.googleapis.com	entreterse.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net entreterse.com.br
3	cdn.cazamba.com	api.cazamba.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	www.google-analytics.com	api.cazamba.com www.google-analytics.com
3	resources.infolinks.com	entreterse.com.br resources.infolinks.com
2	px.cazamba.com	entreterse.com.br
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	eus.rubiconproject.com	router.infolinks.com eus.rubiconproject.com
2	stg.truvidplayer.com	entreterse.com.br go.trvdp.com
2	as.cazamba.com	api.cazamba.com
2	connect.facebook.net	entreterse.com.br connect.facebook.net
1	token.rubiconproject.com	router.infolinks.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.adotmob.com	1 redirects
1	ad.turn.com	1 redirects
1	s0.2mdn.net	tpc.googlesyndication.com
1	data.ad-score.com	s.trvdp.com
1	p.rfihub.com	1 redirects
1	us.ck-ie.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.trvdp.com	go.trvdp.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	go.trvdp.com	stg.truvidplayer.com
1	d.t.tailtarget.com	d.tailtarget.com
1	tag.navdmp.com	as.cazamba.com
1	d.tailtarget.com	as.cazamba.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	entreterse.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	imasdk.googleapis.com	api.cazamba.com
1	cdnjs.cloudflare.com	api.cazamba.com
1	ajax.googleapis.com	api.cazamba.com
1	cdn.onesignal.com	entreterse.com.br
1	api.cazamba.com	entreterse.com.br
1	www.googletagmanager.com	entreterse.com.br
324	76

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
meujornal.com.br
somosdecristo.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.cazamba.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-09` - `2022-09-11`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.truvidplayer.com Amazon	`2021-02-17` - `2022-03-18`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.trvdp.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2020-09-02` - `2021-10-04`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://entreterse.com.br/
Frame ID: BB112E7CDCF21AF230D8E07C95675003
Requests: 169 HTTP requests in this frame

Frame: https://as.cazamba.com/cs?publisher_id=1719&g=1615896149
Frame ID: 04769644C12BEDDFE49A958B8D76B559
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121
Frame ID: 0D813967E722211D723752944355D49C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=4029023989&adf=2055030453&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=3&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XVo4NifHtA&p=https%3A//entreterse.com.br&dtd=127
Frame ID: 78137F23FA66EF9E8518A56AC721098C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=55860125&adf=2087349704&pi=t.ma~as.2032392315&w=250&lmt=1615896149&psa=0&format=250x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=7&bdt=963&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Kk3zvDfhbk&p=https%3A//entreterse.com.br&dtd=134
Frame ID: E9FD2886DBCF0A3348B91039D88A748D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138
Frame ID: C4BC5A1FDC712CB31DB987E512293ED0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&adk=1812271804&adf=3025194257&lmt=1615896149&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fentreterse.com.br%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615896149597&bpp=1&bdt=1345&idt=1&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250%2C970x250&nras=1&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=9&uci=a!9&fsb=1&dtd=9
Frame ID: C3FC85EDD8366F74BD0259A24EBE4863
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
Frame ID: F09982A4B19E5AFBD0CF652C60F2BD2B
Requests: 26 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 705ECE85F4C0355476AEA7163092C202
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 67A3C902736C92F52A18712929CDEFCF
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3bdd62b912d4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FS%25C3%25A9ries-Novidades-e-Resenhas-237370657149250%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 8B8EC1E15A11BA6279E6F95B1922C3AF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f29f4a7bc448%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FLivros-Novidades-e-Resenhas-116030259804690%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 76B5EB7FB7E82EB9199E04D05E816F8A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27ad43e2f90774%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAnimes-Novidades-e-Resenhas-102980351118309%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: A615897383E819C5D95A0FBAEF99ABD6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 99A539FE5A8DD350D7EB64ACCFBAE038
Requests: 4 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Frame ID: 4E4FE604D5A0E125B7897189DBA99DD7
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html
Frame ID: 728130B83AA102A831EB5380F17D4DE8
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 2F1084424C3FE5882441EA13EF1BA9A8
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 1B2CB47BF086D261172DA0834AB59873
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: 91856CC5E2AF01CAFA46EADBABABA566
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 8DDCB63C297FCF14317B5448D2999174
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: C5A3A77274A2F6C24B6DB9B336F66A81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5C8FBB7293C6292FD1661CAC01A4DE17
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: 12A946F913CD81B8F8E9AEB94BE31E27
Requests: 1 HTTP requests in this frame

Frame: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0ED51136D8820409CEA6C1D35DD0F62F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html
Frame ID: 43C32668D70F9F58C077711213502A09
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3A7B6C0642FE7792253446EF50897D5B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7D9B7C9A515CAC325B15465247975445
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://entreterse.com.br/ HTTP 301
https://entreterse.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

324
Requests

99 %
HTTPS

46 %
IPv6

52
Domains

76
Subdomains

56
IPs

7
Countries

6865 kB
Transfer

14781 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/entreterse/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/entreterse/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/entreterse
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9kPYxYZBakKY_tTI0XjpBw
Title:

Search URL Search Domain Scan URL

URL: https://meujornal.com.br/
Title: Meu Jornal

Search URL Search Domain Scan URL

URL: https://somosdecristo.com.br/
Title: Somos de Cristo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NetflixNovidadeseResenhas/
Title: Netflix

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinemaFilmes-Novidades-e-Resenhas-1745469165579368
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.facebook.com/S%C3%A9ries-Novidades-e-Resenhas-237370657149250
Title: Séries

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Livros-Novidades-e-Resenhas-116030259804690/
Title: Livros

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Animes-Novidades-e-Resenhas-102980351118309
Title: Animes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Amazon-Prime-Video-Novidades-e-Resenhas-103513391432168/
Title: Prime Vídeo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://entreterse.com.br/ HTTP 301
https://entreterse.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/css/style.min.css?ver=1.3.9 HTTP 301
https://entreterse.com.br/park-min-young-dramas-coreanos-61205/

Request Chain 2

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/css/shoppable-images-front.min.css?ver=1.3.9 HTTP 301
https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

Request Chain 12

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/js/slideup.js?ver=1.3.9 HTTP 301
https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

Request Chain 13

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.9 HTTP 301
https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

Request Chain 14

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/js/coupons.js?ver=1.3.9 HTTP 301
https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

Request Chain 93

https://sb.scorecardresearch.com/b?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=&cs_ak_ss=1

Request Chain 244

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

Request Chain 246

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Request Chain 248

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=4969976837644932607

Request Chain 249

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6057422261 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6057422261 HTTP 302
https://sync.1rx.io/usersync/tradedesk/dc007b7b-525c-4815-8501-ee01bacb727e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003

Request Chain 251

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 253

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fentreterse.com.br%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fentreterse.com.br%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fentreterse.com.br%2F&pid=12306&adnxs_uid=4969976837644932607

Request Chain 255

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c123be1-864f-11eb-8589-02396ffc09cc HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c123be1-864f-11eb-8589-02396ffc09cc&verify=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-2A62sWlE2uEyHgqfeb5CUSTcguWux5xz~A~UP7c123be1-864f-11eb-8589-02396ffc09cc

Request Chain 256

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=46331cfe0fa39a00d93a6d11

Request Chain 257

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUEzQzYxQjItQTI1Ri00MjJELTkxRjgtOTM1OTA5MUFFMDhE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D5423F848-686F-4113-9015-58CAB8F2AEB4 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=5423F848-686F-4113-9015-58CAB8F2AEB4

Request Chain 258

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyM0Y4NDgtNjg2Ri00MTEzLTkwMTUtNThDQUI4RjJBRUI0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 259

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550

Request Chain 261

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1871597493480780176

Request Chain 262

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7c50481a-864f-11eb-95c5-1a404fd53c06 HTTP 302
https://router.infolinks.com/dyn/sx-usync?uid=7c5047a9-864f-11eb-95c5-1a404fd53c06

Request Chain 263

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-G9wzAZ9E2uG6DMhQ6.gaaRva0tKMo2ZaJ6rj9gY-~A

Request Chain 286

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFCeVqYApMjvaIJInUCePQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMLh5dZmQ1_sQQUD-FJjcU&google_cver=1

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFCeVqYApMjvaIJInUCePQAABF4AAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEFaDHAA7I0zSPxXKRb7e30&google_cver=1

Request Chain 289

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB&dcc=t

Request Chain 290

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4136079386408712909

Request Chain 291

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ff220427ce5dd431cb1957&expiration=[EXPIRATION]&gdpr=1

Request Chain 292

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB8DFD3F3C6541F195F51FD43059664E&gdpr=1

Request Chain 293

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1615982551&gdpr=1

Request Chain 298

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 322

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

324 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
entreterse.com.br/
Redirect Chain

http://entreterse.com.br/
https://entreterse.com.br/

504 KB
39 KB

180ms
136ms

Document
text/html

104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c48100f4c753d6a563db33f4b68738a61e6d7add2cfb2645715b0cbbf641e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: entreterse.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4baf260af3f349f30a70f43fc9a8804f1615896148; expires=Thu, 15-Apr-21 12:02:28 GMT; path=/; domain=.entreterse.com.br; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/" <https://entreterse.com.br/wp-json/wp/v2/pages/285>; rel="alternate"; type="application/json" <https://entreterse.com.br/>; rel=shortlink
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-runcloud-srcache-fetch: HIT
x-runcloud-srcache-store: BYPASS
x-runcache-type: srcache
cf-cache-status: DYNAMIC
cf-request-id: 08dc83909a00004c6e8eb00000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bsndtX8rAjdAXzR3lXlqTcK2h4E%2BW3yn07pQECxFgbtdJIgMTYPh3Ry7tUL85ZbPAe5C88ivutM1d9ms5Qm%2F1yPROO1oKHNbRuAoJf%2Biauc7tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 630dd52dcc1b4c6e-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Tue, 16 Mar 2021 12:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Mar 2021 13:02:28 GMT
Location: https://entreterse.com.br/
cf-request-id: 08dc83904d00009cb1640f2000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2pyYRJhkq%2FMuIp97p8jeG8sTWVUaOluAv7rjbS6sL%2BE%2BS54BuWw5zct4iDI8z8YWF%2BZ4qOw5cQcTpI%2FcFnE9gW9Pvtki8jFWOqDKyuzAOSAldQ%3D%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 630dd52d4d829cb1-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
entreterse.com.br/wp-includes/css/dist/block-library/ 50 KB
8 KB 30ms
27ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-ray: 630dd52eae394c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Feb 2021 23:30:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60343e8e-c88a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VjilFhxKLbV1OL01KHp5mhVaPT%2FTHh%2FE4NnmAjJLbNWHNPOJA3VgJG7WRVZYMX3IhBDSi2QXPETCs5bQedXAzZPWOd5C53nDBrmIkFdRl1KM6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912b00004c6ec09da000000001
content-type: text/css
expires: Tue, 30 Mar 2021 04:49:10 GMT

GET

/
entreterse.com.br/park-min-young-dramas-coreanos-61205/
Redirect Chain

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/css/style.min.css?ver=1.3.9
https://entreterse.com.br/park-min-young-dramas-coreanos-61205/

0
0

GET

/
entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/
Redirect Chain

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/css/shoppable-images-front.min.css?ver=1.3.9
https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

0
0

GET
H2 200 style.css
entreterse.com.br/wp-content/plugins/td-composer/td-multi-purpose/ 67 KB
9 KB 33ms
30ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-polished: origSize=69458
cf-ray: 630dd52eae434c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 02:44:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004f614-10f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BwImLDSlJF6nm8OgrjYCpnOFmT0JrA%2Fzh1PpG3c7oMttQkYlTYnZ1JfWiNiQod8wm5SA5KjXAVqV6da7SfMcYKIbLakZyRwaOajoVV0ktjZJLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912d00004c6e8e34d000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b72129cf9ea003d4638461cc93e3972c5e2908ddf1ff62b383792138fa237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 12:02:28 GMT
server: ESF
date: Tue, 16 Mar 2021 12:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:02:28 GMT

GET
H2 200 style.css
entreterse.com.br/wp-content/themes/Newspaper/ 110 KB
19 KB 35ms
32ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/themes/Newspaper/style.css?ver=10.3.9.1

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-polished: origSize=156101
cf-ray: 630dd52eae444c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 02:44:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004f609-261c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nk1Q52dqRLh2%2BR6rKBz9pxoXeievsjjXvKQlt9z1Zg7oueDP383w82SvHHp2bUMmZaLYtmFPFZsE%2Bu7GD1VfSc7okqiVYwx0XYr81kxvtmEKGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912e00004c6ec380a000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 td_legacy_main.css
entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 198 KB
28 KB 58ms
55ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-polished: origSize=249828
cf-ray: 630dd52eae454c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 02:44:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004f614-3cfe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rehrjXS%2BfWtRz995BDXGathRJKhWk4S8hZi1e5NYksFFSBBRK1RSdgoaAcG959jsz8PtUpn%2BI19fSgLNpqSk4R4G80UykmPEFUvzBQ3654%2FWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912e00004c6ee5921000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 td_standard_pack_main.css
entreterse.com.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 494 KB
37 KB 42ms
39ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-polished: origSize=635683
cf-ray: 630dd52eae464c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 14:15:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"600597e8-9b323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HiujOracbzaK%2F9ojtjBESaaKP2HC8HFKehaoObfwFydBnVVnJWRCPOxnioxYgz8sgZNpMTTfOqeMmLICgKIilGy%2BMItG5aMrNaLErjD%2BRzdyvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912e00004c6eda089000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 demo_style.css
entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/ 3 KB
1 KB 30ms
28ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/demo_style.css?ver=10.3.9.1

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b943cae7cca107d69396ea5e549f905596e6e12b0683a632feabf5f40653aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-polished: origSize=3782
cf-ray: 630dd52ebe484c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 02:44:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004f613-ec6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0WB2rS8stWjjW2vTVhjReBfcQTXplLfNx3k0RXCrleMBvFgSkiPeI%2FoVZVEYcIyn2feJrtg35Gnr6IC797PWKz1bGNMEchTFdktPFYCx1C3g3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912f00004c6e8a1ab000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 tdb_less_front.css
entreterse.com.br/wp-content/plugins/td-cloud-library/assets/css/ 85 KB
12 KB 39ms
36ms Stylesheet
text/css 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398363
cf-polished: origSize=108923
cf-ray: 630dd52ebe4a4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Mon, 18 Jan 2021 14:14:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"600597d5-1a97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DvFKxrDJpaNkc7Mq3XbSMm6q1c5NqhQfYnyP7TGgU%2BLnXPoMaGxFiwE%2FftSI%2BsEbT%2BIaRybC2JOZLJ7Tn1eOJupaLKwIWmr5GMRDC%2BtPfRD5SA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912f00004c6e89232000000001
content-type: text/css
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
entreterse.com.br/wp-includes/js/jquery/ 87 KB
30 KB 50ms
48ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd52ebe4b4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 03:25:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004ffc6-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=475lfdTavtQDzj1Gsj9vfFoQtYNY%2FB533pMSIs9GSUr6jH%2F8KmUFg9U4y58qLUxaWBt1%2BnnxMLEvAEzj5lqUwJ2VBZWOoiJmch7GSbCTOLngvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83912f00004c6eb88c8000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
entreterse.com.br/wp-includes/js/jquery/ 11 KB
4 KB 55ms
53ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd52ece6b4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 03:25:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004ffc6-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hLKMADAr%2FLL2C7uRJjeYVZgxtFw%2Fps4MgIXfhWTOjH4gYFgA7wkdqgyleu9PehmtvEEKdCri%2Fc2KXLpzOBg6MnlFAcURk1xBzcltkz%2F9XS2LCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83913900004c6ec380b000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:10 GMT

GET
H2

200

/ Show response
entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/
Redirect Chain

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/js/slideup.js?ver=1.3.9
https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

225 KB
28 KB

132ms
132ms

Script
text/html

104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adc852fca088f68dba885b615f8b1d81dbf6be79dfce71714be72af83547c9a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-wp-cf-super-cache: cache
cf-ray: 630dd52f0f2c4c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eheXPpXIuk8AmDx1Z22kXbKD3u1cmIaLhiJ%2FS3iGz%2B9uz1OhElkhvknOBtOLqG2rdsm40Cw8u%2Bsx%2F%2BQWjNl1Q9%2BdPVO1JS5eFkVG%2F7LBxRFrzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: HIT
vary: Accept-Encoding
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83916a00004c6e9d32b000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/", <https://entreterse.com.br/wp-json/wp/v2/posts/75494>; rel="alternate"; type="application/json", <https://entreterse.com.br/?p=75494>; rel=shortlink
x-runcloud-srcache-store: BYPASS

Redirect headers

date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 378
x-wp-cf-super-cache: cache
cf-ray: 630dd52ece6c4c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qHy1WmBmymkRVGtlKHv%2Fu5oxNglFjlA3XHyvr2hN4cOUhz9Wr5JTy%2FZ8Ar4vMhIta%2Bo%2F5gkdrEyTWNymvjbkwC0K5Al3KXifU3DnksiSeP0oUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
location: https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/
x-runcloud-srcache-fetch: MISS
vary: Accept-Encoding
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83913900004c6ebb011000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/"
x-runcloud-srcache-store: STORE

GET
H2

200

/ Show response
entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/
Redirect Chain

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.9
https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

228 KB
28 KB

116ms
116ms

Script
text/html

104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4066d249f94dab60bc1a571727ea7ee87cb8947f6b16e74feb3a26f3cf7848e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-wp-cf-super-cache: cache
cf-ray: 630dd52f1f2f4c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CfjBlKeDCeLWcsfygejIiMURXy3xtuO2l8RXm1mRFsI1f6M1QYTRGuGV6TigzX4OMzOM3HSFDjJ2Bg3eajNqx%2Fv7R4RkTXh%2BX6Jngh4VdWIVvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: HIT
vary: Accept-Encoding
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83916b00004c6ee5926000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/", <https://entreterse.com.br/wp-json/wp/v2/posts/9823>; rel="alternate"; type="application/json", <https://entreterse.com.br/?p=9823>; rel=shortlink
x-runcloud-srcache-store: BYPASS

Redirect headers

date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 378
x-wp-cf-super-cache: cache
cf-ray: 630dd52ece6e4c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82dCq%2BBRlDy7DvQTzN9vncQogG0khajBjGAXkNPZe4aPNyhprhob4%2B7NGULjGiQ1E3gZ0fltcGgFcE%2FJ8nsxoKBSrxVao4B%2BT5wKkG1VwUiGYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
location: https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/
x-runcloud-srcache-fetch: HIT
vary: Accept-Encoding
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83913900004c6e86b42000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/"
x-runcloud-srcache-store: BYPASS

GET
H2

200

/ Show response
entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/
Redirect Chain

https://entreterse.com.br/wp-content/plugins/40d1d8ebeee041b0bde0c32b52875f2b-plugin/assets/js/coupons.js?ver=1.3.9
https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

225 KB
28 KB

129ms
129ms

Script
text/html

104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23df22ba47a1c6bb7f9d7fd3e57aadb5a036cf343d0495abec51d14f6b01aa6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-wp-cf-super-cache: cache
cf-ray: 630dd52f1f344c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F0OMO1y9Jo76YFZMHnGlk8qmtGsaOoL7HNJr6mYAulfQUVsvzHl3DjEroB6Hyxq%2BROlB3KjXmRuTfICUerNJG2l7HEk5Kn8Pfj3nvc7PwiJ9gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: HIT
vary: Accept-Encoding
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83916a00004c6ec0346000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/", <https://entreterse.com.br/wp-json/wp/v2/posts/75494>; rel="alternate"; type="application/json", <https://entreterse.com.br/?p=75494>; rel=shortlink
x-runcloud-srcache-store: BYPASS

Redirect headers

date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 378
x-wp-cf-super-cache: cache
cf-ray: 630dd52ece704c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-xss-protection: 1; mode=block
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QSMGN7qjhA1rCvj42W7oEE34%2FC00f2E9KbjvhCo5eecGIrmiizyBqUhB1RK%2Foa4K8yev3RCP9LY3XEVwLMcgi2dKeqrz2B%2FBUfjZNLUyp97GDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
location: https://entreterse.com.br/snowpiercer-expresso-do-amanha-quando-a-2a-temporada-chega-na-netflix-75494/
x-runcloud-srcache-fetch: MISS
vary: Accept-Encoding
x-wp-cf-super-cache-active: 1
cf-request-id: 08dc83913900004c6e772c0000000001
content-type: text/html; charset=UTF-8
link: <https://entreterse.com.br/wp-json/>; rel="https://api.w.org/"
x-runcloud-srcache-store: STORE

GET
H2 200 seo-automated-link-building.js Show response
entreterse.com.br/wp-content/plugins/seo-automated-link-building/js/ 355 B
573 B 58ms
56ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=5.6.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbc1076ec7f573ca6a689ed040859450bf254c1cbbd522cc153d065c10325f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-polished: origSize=493
cf-ray: 630dd52ece714c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 30 Mar 2021 04:49:10 GMT
last-modified: Sat, 27 Feb 2021 22:50:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"603accaa-1ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dWuHTcA7HEqQ0o2KpBDvQWygrBUXbt1ONvc4hCeUV3B%2BTn0XObrsPvZBWuQuxbypEotD7bEZa2qceXphH3vCLN7EmEpFBPmnA%2F9t28Mvz8GwPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83913a00004c6ec618a000000001
content-type: application/javascript
cf-bgj: minify

GET
H2 200 wp-emoji-release.min.js Show response
entreterse.com.br/wp-includes/js/ 14 KB
5 KB 47ms
38ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408189
cf-ray: 630dd53019bb4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 23:30:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b3209-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H4P6%2BtezYftaRHtP%2BRn%2FyK8geHBCd7DTpcCr0KI00jfYiZ3lfLK%2BAskahZ1zHiNCs8lyDNljwU3mDLUwHE9JnpZ0UjKyTi4VafDyHldBSHBpUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83921000004c6ee61af000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 32ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-39481927-2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4031e1f91e80b37f08e8f5016243fb88a9c9875eaa78caf6786742c8217160b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39805
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:28 GMT

GET
H2 200 api.js Show response
entreterse.com.br/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 35ms
26ms Script
text/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QC8r%2FacQOrTvUXMqq3ILm8yAgFcj4WKcfnHDoV4vTZr24FCui45OVhxGxZHNAJhB5CSPYiz8%2BRdFVss3S1xNPVC6tEBJBVxh7gj%2FDFouM7mPzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 630dd53019bd4c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dc83921000004c6ec09f1000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fca0b51fcb6db344456faa3b9899a6120de5ed618b28427f966b31079ddee735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://entreterse.com.br
Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2XyNEyt9lQNli7Z3BQQQOg==
cross-origin-resource-policy: cross-origin
expires: Tue, 16 Mar 2021 12:17:32 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 4Ci3tA5SXkM19AnejWYgewwu1nEb4uhOW+s4IMqtesuJT+PoVQJPL6tEBwLXAm8EL0cMF/0/KCP+BvekYAXaOw==
x-fb-trip-id: 917726464
x-fb-content-md5: a4b5088f18824c540aa5a04f415f33d9
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 12:02:28 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "672da1beb71963df2a0ee6e7204a78a3"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 czmb.min.js Show response
api.cazamba.com/common/ 105 KB
33 KB 87ms
25ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cazamba.com/common/czmb.min.js
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 19:11:35 GMT
server: AmazonS3
x-amz-request-id: 6ZFY4RBK5YDQ8KDP
etag: "fd80cc799e36e281e75205cb74648bb1"
x-hw: 1615896148.cds158.fr8.hn,1615896148.cds160.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, no-transform, public, no-cache,no-transform,must-revalidate
content-length: 33535
accept-ranges: bytes
x-amz-version-id: VqCIYLFA9K3Y98t7mA4Tr4UkJwF3jmzR
x-amz-id-2: cKwNzWOhULr53b4VwmvrRjkSLOyx/UN/exgRRdw1RHOncw3hwjSlzKEsqLT3NpOnTJA8TLcC19g=

GET
H/1.1 200
OK entreterse-2272x90.png
entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/ 9 KB
10 KB 429ms
116ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/entreterse-2272x90.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fa5d3abdc6827b786784cba2d543bd24a5c044b9ff8ef3c07f25b14c375a58a

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Thu, 18 Jun 2020 12:15:47 GMT
Server: AmazonS3
x-amz-request-id: YSMF80YJKJZGARPD
ETag: "482b32b17d2e062bbd86b9c09513613c"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9361
x-amz-id-2: Nfohr9GmGqNijN0TsqJXBJbuWXRejIAjHaZfSCU8/LRpS7IGb6xvITGEsZgUY8G7jjtN0tlpu54=
Expires: Fri, 18 Jun 2021 12:15:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b144fb40dc94ef312b2a28701da77e88a1d738e0bcf9a6f75c77635503483835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49956
x-xss-protection: 0
server: cafe
etag: 3873043268518483981
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:02:28 GMT

GET
H/1.1 200
OK logo-Entreterse.png
entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/ 10 KB
11 KB 431ms
119ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/logo-Entreterse.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27edbe1b70ab95f66341f82f773e94e469995730b3839a6d6bc4b71713439abe

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Thu, 18 Jun 2020 12:14:56 GMT
Server: AmazonS3
x-amz-request-id: YSM2SMK281BSENWK
ETag: "e5d35895b53aee7e1a70ac0d71b0df17"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10604
x-amz-id-2: xZFP+OhundYNumCEFUONwbnIOY/o/PyzmGPH6JIxI1exog2rUIbLHzJf+7wkO03t/wEvoTaV3OM=
Expires: Fri, 18 Jun 2021 12:14:55 GMT

GET
H/1.1 200
OK Nerve-3-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 10 KB
11 KB 428ms
115ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Nerve-3-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf6fe0ef9cc20bb63723f03fa570321390a1648a9b5606f45551c8a64886d946

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Mon, 15 Mar 2021 20:25:34 GMT
Server: AmazonS3
x-amz-request-id: YSMEDW3WEAZ1DXXV
ETag: "38d2acdc3f6afa8fb159cdbc574ccb0b"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10686
x-amz-id-2: otT/n7uoZe5su4vS6wDsp9cQ4JVdiNU5M4LrT7THk+LmzQ83C/CI+oBG+a+iZtbrCkqIGNZwxrM=
Expires: Tue, 15 Mar 2022 20:25:33 GMT

GET
H/1.1 200
OK The-One-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 13 KB
14 KB 427ms
114ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/The-One-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aad607bb118c64ecff7bb76bdde7068bf9c0269259158e0357f06062e17897df

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Thu, 11 Mar 2021 21:20:43 GMT
Server: AmazonS3
x-amz-request-id: YSMBMTQB2C5Q6BZY
ETag: "85a5801cbc499c43b9856d4c0721d04a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 13492
x-amz-id-2: d38CFHZ+ZYjK2qtq4YIMVHXdEtt9UZ3XEwHYZJ7ZSLH7VrWXtzNbHgfvwXeUa/i1UHTtYb41GRM=
Expires: Fri, 11 Mar 2022 21:20:42 GMT

GET
H/1.1 200
OK love-alarm-1-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 9 KB
10 KB 435ms
122ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/love-alarm-1-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c259b4fda69529034285dd9afe1018357f20d4ae81a845e1049cb92f0e15c415

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Sat, 13 Mar 2021 18:23:58 GMT
Server: AmazonS3
x-amz-request-id: YSMBFRMPGJK8EES7
ETag: "b40119bc6f672d58db8f1a9a8761971f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9309
x-amz-id-2: mkbmmcyXFLXsarKsx80Ej3jzH3CT85O21Z7KNYu1pI++jWO2B8TcKbY5G1JW9WRFg4Np76VzEpQ=
Expires: Sun, 13 Mar 2022 18:23:57 GMT

GET
H/1.1 200
OK YES_DAY_00_28_56_07_R2-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 10 KB
10 KB 544ms
110ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/YES_DAY_00_28_56_07_R2-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8af0d35369e860749eb38996845c88f4ab89e687ea355d35f6a50ff12c509b4c

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Wed, 10 Feb 2021 16:59:18 GMT
Server: AmazonS3
x-amz-request-id: YSMA25AE4E70WM7J
ETag: "29730ea230eccb034fbf0c8197424aa9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9737
x-amz-id-2: 77jv6DQsVe0xMIRvUVEsPYHpIZ/KVAEM7SrA1YAohxsp3fKjTb4fW53QgN9rvspDbUb1k4/InOY=
Expires: Thu, 10 Feb 2022 16:59:17 GMT

GET
H/1.1 200
OK mank-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 34 KB
35 KB 132ms
130ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/mank-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5381cb77f8ad6095fe1d69358f53996a8e6032b346c147cbad8196829ddf13ff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Tue, 16 Mar 2021 00:38:39 GMT
Server: AmazonS3
x-amz-request-id: YSMESGXGH7HZQHVF
ETag: "f77c822e76c54bca11c01f1a72c3f2d8"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 35225
x-amz-id-2: fECrxnBVdm5vk4IuK/9pDWKtZkGls0zceq/YiWgc0yCNnsknHUKLIR4+eb9tZ2BYF3t7DvITu98=
Expires: Wed, 16 Mar 2022 00:38:38 GMT

GET
H/1.1 200
OK Era-uma-vez-um-sonho-7-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/ 61 KB
62 KB 113ms
112ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/Era-uma-vez-um-sonho-7-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e43676a0aaa34d6f18de53d2fc2fca0c3c094fec8c18a5407f3737053883ae74

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Mon, 23 Nov 2020 18:39:55 GMT
Server: AmazonS3
x-amz-request-id: YSM9J5271ZA4Z99G
ETag: "5d6e9c99a14e67266f759248eaaf1716"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 62768
x-amz-id-2: oc8OJLxDIDTxkOgLJWttKi3HsqZHyRUSY98Vmaib6uoblXEkCD7zULM9CVefaR6xRq5SSbLOqzQ=
Expires: Tue, 23 Nov 2021 18:39:54 GMT

GET
H/1.1 200
OK after-depois-da-verdade-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 6 KB
7 KB 111ms
111ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/after-depois-da-verdade-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 813f4e50d579d8f3c2cc486e31f2e4b2a2765a471d6a9b8703089669d9100278

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Wed, 24 Feb 2021 03:28:04 GMT
Server: AmazonS3
x-amz-request-id: YSM28938ZHMAY80Q
ETag: "78e7fa90dc8cb16b4859114ea1c97335"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6537
x-amz-id-2: 0gabmcYiKBe9ihjuwsGYclqFq4LfM7obJkVAcNLyLXO0WXm1obIWFyqqpUqiL7PPF4pAHB1XM/w=
Expires: Thu, 24 Feb 2022 03:28:03 GMT

GET
H/1.1 200
OK Kids-Choice-Awards-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 41 KB
41 KB 113ms
113ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Kids-Choice-Awards-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f36c51cae2316c55ed81d19b13bbd27e151af9492193bd1534dd8990e3634be

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sun, 14 Mar 2021 16:57:49 GMT
Server: AmazonS3
x-amz-request-id: CT80Z8KGAXVB6QFD
ETag: "7499cb6098723918b08931d8f7eed811"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 41614
x-amz-id-2: j1kD2j4YuMKLD6YLic2yXYvjBSoD+cBkKFB7mp3cz5NrJJWxziWc2yQQ93WeoL18S94xrXzCH3I=
Expires: Mon, 14 Mar 2022 16:57:48 GMT

GET
H/1.1 200
OK FUMETSU-NO-ANATA-E-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 9 KB
9 KB 110ms
110ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/FUMETSU-NO-ANATA-E-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03dfca60faa49cd724a51280a1ecbc6728f4c898053cc7621b81a8e5ab72478f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:30:47 GMT
Server: AmazonS3
x-amz-request-id: CT840M19N0W6D954
ETag: "27f63292156abc608ef1f7ef41670d4e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9189
x-amz-id-2: Ul0D4gYpZKaYE/qB/L9hPO/JRJuWeAyd4QuUtSX0V68sSQ7NrejC+WDGfIjx5CI5EjqKNwiYVEk=
Expires: Tue, 15 Mar 2022 21:30:46 GMT

GET
H/1.1 200
OK oddtaxi-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 6 KB
7 KB 113ms
112ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/oddtaxi-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c31cb358aabb1dfb4fa9339e63909567f3049ff25c60f323fc417319daba584c

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:17:39 GMT
Server: AmazonS3
x-amz-request-id: CT8ED9J4DCW47K7G
ETag: "32e5f20b759d00394a13366bab2f6c1f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6480
x-amz-id-2: GgSv7nzYuB65vBJQ4pKP0fdoJDF2/45AWN7+94NH0vx/+geFifR/yAxU00wOMqtj8R6bzcTHoYM=
Expires: Tue, 15 Mar 2022 21:17:38 GMT

GET
H/1.1 200
OK os-irregulares-de-baker-street-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 7 KB
8 KB 114ms
113ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/os-irregulares-de-baker-street-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f354628adf0a64b82b6d77d9b7000bd610abff3bd5cac100027433f8b976310a

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 22 Feb 2021 23:42:04 GMT
Server: AmazonS3
x-amz-request-id: CT8419HZFXJJR6G1
ETag: "8910688b6ccdb8c6e45bcb6903b217ad"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 7541
x-amz-id-2: GviIMAaxf1sZAjgx9avxhLBEiWtGoPaylIjvC5lrGizb6U2I3YWuRGemqcOcGWdtDNJKQAu7fXQ=
Expires: Tue, 22 Feb 2022 23:42:03 GMT

GET
H/1.1 200
OK Abla-Fahita-Drama-Queen-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 50 KB
50 KB 112ms
111ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Abla-Fahita-Drama-Queen-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43556f0a49b7ac8ebed25dc2110d74815bf023b2c3bd7757795fdf3c8074ec21

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 11:34:29 GMT
Server: AmazonS3
x-amz-request-id: CT89JS5VVXA3ZD8M
ETag: "9a5f95293d8006be14ba873f8fa28f04"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51260
x-amz-id-2: iHfjCBl6P7zMmhKAtXH07TTrQ77ihRQ9YAUyrKTgZi+J2d8yJT6Q1u8xKmWOcmcQ/nP5z8eusHA=
Expires: Tue, 15 Mar 2022 11:34:28 GMT

GET
H/1.1 200
OK Polos-Opostos-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 6 KB
7 KB 116ms
115ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Polos-Opostos-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22e8fc329485f0d04a12f7544dcc354f5b0f2154625b722e73c6245d5f85f79d

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 11:17:36 GMT
Server: AmazonS3
x-amz-request-id: CT81JF90WAVWA9S1
ETag: "cf6b7945f5bee0c8dce8438dbf94dc03"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6292
x-amz-id-2: oVQp+1K9caobKUyT5kTeZB98PO6x7gcmacL0MMPj8s2agHmyd4ZT8cGlUSul+zwIlrjqlaoY+D4=
Expires: Tue, 15 Mar 2022 11:17:35 GMT

GET
H/1.1 200
OK Netflix-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/ 5 KB
6 KB 115ms
115ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/Netflix-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a805ce4168f287c9adb0f5b140450a27c8ee3e8cff36658e9a21904b99eb4e4f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sat, 28 Nov 2020 16:35:30 GMT
Server: AmazonS3
x-amz-request-id: CT89R98NWSPC7XTM
ETag: "7bd87b91eeb5142e8128ece84ab36f94"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5491
x-amz-id-2: QMP1g7toNT79tJZenijhx2/o5YlcIv+xSYg9F14YBXwRRGDPc2KN7yOeC8PfXK/gGK8LKu/PFWU=
Expires: Sun, 28 Nov 2021 16:35:29 GMT

GET
H/1.1 200
OK given-1-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 10 KB
10 KB 126ms
125ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/given-1-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d48ba970970432b124b419337b31e8d4034e90171e7266365a5d9ce53c3e64a0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 09 Mar 2021 19:37:06 GMT
Server: AmazonS3
x-amz-request-id: CT82Y7WSEBCB8A32
ETag: "2bf04dedc992d27796719a3d4807ed33"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10077
x-amz-id-2: x+p049WZMbxYDS496coTUBhfZNMYBHTDNfThRgyBxlyYYflAfXXRK7DIar3tnHc54r8Y7zghHXo=
Expires: Wed, 09 Mar 2022 19:37:05 GMT

GET
H/1.1 200
OK images-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/ 22 KB
23 KB 108ms
108ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/images-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a09bdfd774c29506be4567caaad4dd60a3f999ec74892fabb60344cb896ffed

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sun, 29 Nov 2020 02:12:49 GMT
Server: AmazonS3
x-amz-request-id: CT8A3ETGV153MQSQ
ETag: "a30a1bd9a4b24d242ae666e605db13f8"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 22654
x-amz-id-2: lMMHB6pKsObj9l4inypnbNCYIlY/eatOS2/pMeRe/IlxeHg4Hka+72QuP8kfs4/WFXbFsS/nkwY=
Expires: Mon, 29 Nov 2021 02:12:48 GMT

GET
H/1.1 200
OK its-ok-not-be-ok-1-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 11 KB
11 KB 110ms
110ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/its-ok-not-be-ok-1-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d663e74ba25886b409a0e91a986713873e83a85acecebe0b0ab548d953a4d8e

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 09 Mar 2021 19:51:01 GMT
Server: AmazonS3
x-amz-request-id: CT8AMGANCA1T6K1D
ETag: "df38694b1ae5de3c2a7069f6cf41330c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11213
x-amz-id-2: B9OZXGtUYnRZnt1pFaqG1b4j5KM1FxD7Gdvti+QySG3EKiNnYcVSIzN0G2pDwDLxF1Q5mtQJNPw=
Expires: Wed, 09 Mar 2022 19:51:00 GMT

GET
H/1.1 200
OK o-mundo-invisivel-entre-nos-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 72 KB
73 KB 111ms
110ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/o-mundo-invisivel-entre-nos-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9fbc48031df4c3e406e8443afc3d83ac669ce24eeb5f329d8707fa0af73e3b8

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 23 Feb 2021 01:34:51 GMT
Server: AmazonS3
x-amz-request-id: CT86DFNGJ8K39WGK
ETag: "647dd5c0879758c70c9593ba41111851"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 73990
x-amz-id-2: whasBgzUExLnpzjYsl+Nlx4x8LhxhgqkH6HI0QLTFsMVN8+GjZjzYEl6MRGRSkAJqIs7JHSxnEE=
Expires: Wed, 23 Feb 2022 01:34:50 GMT

GET
H/1.1 200
OK novodest_correntedeouro-218x150.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 81 KB
81 KB 113ms
113ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/novodest_correntedeouro-218x150.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10040ce6c01eeb107e03dc423c8eac3126d5b58025a11aa38e0009c4f079ce12

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sat, 20 Feb 2021 12:41:38 GMT
Server: AmazonS3
x-amz-request-id: CT8CQFJT6XSDVBHY
ETag: "700860aeb0c0db23d779d2cd53ef6e53"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 82653
x-amz-id-2: kE8zxiZS8N/4y/zup7LtHB+NOdTRE+5MUrUaio58g4aEkVI8HC7dfoBzYirRzoEHL1H/aL72j+g=
Expires: Sun, 20 Feb 2022 12:41:37 GMT

GET
H/1.1 200
OK bruna-vieira-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 8 KB
8 KB 115ms
115ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/bruna-vieira-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 849e8b5d4be2c692cc3f378fd2ee68524dfd304f8bda13b84f919d48e9b446fa

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Feb 2021 00:22:47 GMT
Server: AmazonS3
x-amz-request-id: CT8EWJQ80N0XTETG
ETag: "fbdc493e59a52083a75d7d0413239e74"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8026
x-amz-id-2: kM+PC4UTu6hUlu5ndKCKtPzKJUI1d2RjByKNjeVK5ja2tjkJMpaFvAzZ8NqQqtoOJTfyrG6t/w0=
Expires: Tue, 15 Feb 2022 00:22:46 GMT

GET
H/1.1 200
OK grammy-2021-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 7 KB
7 KB 119ms
118ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/grammy-2021-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9af699061ede3e083ea90fffb90a448dffc727e91c6a2a35bfef9b1eb911dd85

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 10:43:41 GMT
Server: AmazonS3
x-amz-request-id: CT84GX7JA6CTZNV9
ETag: "77abaf7e4fb499450977b7a506512325"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6860
x-amz-id-2: 4AgJxqYhgknmldq5q0rHgl7j+VOi/NNJCFVGTrGgPrU/pelUaDLemPNsvr3pl4Qjv9adZ4Je9rs=
Expires: Tue, 15 Mar 2022 10:43:40 GMT

GET
H/1.1 200
OK maxresdefault-1-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 10 KB
11 KB 112ms
112ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/maxresdefault-1-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e81ea885fb28fd3c4cf9352eca9f38581bf992cb4ed86fdf0459aede4d7828ae

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 08 Mar 2021 14:23:23 GMT
Server: AmazonS3
x-amz-request-id: CT85YQZ3CY33ZQB5
ETag: "ae2d1717ef78cf8f31a19a20a664a5f7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10445
x-amz-id-2: UUIHPveQ+ZPSjNlDiITmybiS3atDJJon0+yevJ1A0qcQprD/SXYtNY2Nshg98UoabmxSFBXzcZg=
Expires: Tue, 08 Mar 2022 14:23:22 GMT

GET
H/1.1 200
OK black6ix-kpop-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 10 KB
10 KB 112ms
112ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/black6ix-kpop-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7e5ef4bcb5f87ae36c7033fffd324469ed03515dfb8f5635357d4832eeeda70

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 22 Feb 2021 04:29:31 GMT
Server: AmazonS3
x-amz-request-id: CT816G9KF01KXJ5A
ETag: "fb3af95c35434f04193c47c4b0d5a65a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10251
x-amz-id-2: 3mEsNVK8yExGZnBC97eXCo3QFU+BwV/r30V2I2yMa0ZU+qA77ji/SnWA+LuZD8i+vzt47f5luWQ=
Expires: Tue, 22 Feb 2022 04:29:30 GMT

GET
H/1.1 200
OK Todos-os-Meus-Amigos-Estao-Mortos-2-218x150.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 8 KB
8 KB 111ms
111ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/Todos-os-Meus-Amigos-Estao-Mortos-2-218x150.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8cadca9ac0a204c8d0e7fc70fadcc71c635c8a5dd6b778de0de75db4e5db918

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Wed, 03 Feb 2021 17:55:48 GMT
Server: AmazonS3
x-amz-request-id: CT87D3F6NRDY6ZPE
ETag: "87dc2de53163d4671c164b5ec0ed3c97"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8021
x-amz-id-2: quEg2YbEa/dzEdUlCaFF6xWx2DdwxjYJ5xkDpIpzHDkTD8jU6ROB8emLfN4WWwJOFyrwsqR44DU=
Expires: Thu, 03 Feb 2022 17:55:47 GMT

GET
H/1.1 200
OK Todas-as-Mulheres-do-Mundo-324x160.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 11 KB
12 KB 126ms
125ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/Todas-as-Mulheres-do-Mundo-324x160.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01fa80b8a77d1be2b6b224075c3475578f71f4111f6fea2454d484dac60061de

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 02 Feb 2021 02:04:24 GMT
Server: AmazonS3
x-amz-request-id: CT8A72Q873MRTV7G
ETag: "bb08667007cd66ce96c1ebf71a64976d"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11708
x-amz-id-2: 04e1bcng8pqYfv7bhY9RSn+PkrlVB4yyMmhfy0RHoGWYq6m68C/W4Hvh5MVRuD1eHocEZy2THRY=
Expires: Wed, 02 Feb 2022 02:04:23 GMT

GET
H/1.1 200
OK mank-324x160.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 50 KB
50 KB 127ms
126ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/mank-324x160.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f442d8bc11e22a5f4eaa803a2fae5e5a16c84ab785ac073375b6a1f9cb2aa9c5

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 16 Mar 2021 00:38:42 GMT
Server: AmazonS3
x-amz-request-id: CT8BVY85WC0C4478
ETag: "da331204e87b491c53c6cc02017ae576"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51119
x-amz-id-2: qhyLVx+i1szUlhuYGVKcBAa2CzNuM9V26VKXaVdt9zudwINAaWHOd3jS1U0QDO2EXF3pj06NKIo=
Expires: Wed, 16 Mar 2022 00:38:41 GMT

GET
H/1.1 200
OK falcao-e-o-soldado-invernal-324x160.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 11 KB
11 KB 111ms
110ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/falcao-e-o-soldado-invernal-324x160.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2198e16d2a1ec540b0a86b674a4b93f16c8050e09325941f3a5d4c0c349b73f6

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 08 Feb 2021 22:56:21 GMT
Server: AmazonS3
x-amz-request-id: CT86M003XV6W0EY5
ETag: "89b8249491066209b8b456bee63477e8"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11128
x-amz-id-2: KQ6gcealyNxneKWITmjsDjv7CldP5d3AO7B6GDzT1NkmY0RgBAog7KCsNy0zQplFZy7R9I10G5k=
Expires: Tue, 08 Feb 2022 22:56:20 GMT

GET
H/1.1 200
OK FUMETSU-NO-ANATA-E-324x160.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 12 KB
12 KB 126ms
125ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/FUMETSU-NO-ANATA-E-324x160.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9985ac459ea907188d584f5581d352d8a2878907da7771b677c757c44e6b643e

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:30:48 GMT
Server: AmazonS3
x-amz-request-id: CT8D9D3D3EECG3RQ
ETag: "fa297bc48aee299dacd93226cf4f7d52"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 12244
x-amz-id-2: pcDE1naMDFpI4Vgyeq60urT55UeAVK9xIXCBSo5fkgo8sCnoH7xIZ6exFnNv8t7rICbLrSuQxss=
Expires: Tue, 15 Mar 2022 21:30:47 GMT

GET
H/1.1 200
OK Nerve-3-324x160.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 14 KB
14 KB 141ms
141ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Nerve-3-324x160.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfcfb02841c32eb5d4e3e4ffb2b1dbb2fcea0938f511b9fecaf9229e8e6b4821

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 20:25:36 GMT
Server: AmazonS3
x-amz-request-id: CT865ZHS1A0W7M55
ETag: "9de8ca9e7d5b60d300c2a35b33dad4a7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14159
x-amz-id-2: uK3g01y5+hcFxdIJ59a+EeH6s+wDX9HhCdU2LjxdIeDdBZ/KHyJb70eExSirZFq/kHEtIX3ArxM=
Expires: Tue, 15 Mar 2022 20:25:35 GMT

GET
H/1.1 200
OK oddtaxi-324x160.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 12 KB
12 KB 124ms
124ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/oddtaxi-324x160.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66938773eed7fb08edc8d064cf03b5a8d3e81fe619fee6f8a51c72e747e5a1dc

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:17:40 GMT
Server: AmazonS3
x-amz-request-id: CT82HJZF2K960TVD
ETag: "78518fc66f2c7bb1fab68e30ad31efc5"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11826
x-amz-id-2: QDBK3pt7g1pb4gPGfI5dIz1jQUrWEt36k7M61fT6LaidsS1bOP942mESmy4IOoavIDPnZ5Kk8p0=
Expires: Tue, 15 Mar 2022 21:17:39 GMT

GET
H/1.1 200
OK Ordem-Cronologica-DC-100x70.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2018/12/ 4 KB
4 KB 145ms
145ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2018/12/Ordem-Cronologica-DC-100x70.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88a60f5853f0a1b1c640c400755ac6701d872a7da807b8ed479f9890c893f00b

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Fri, 19 Jun 2020 01:28:41 GMT
Server: AmazonS3
x-amz-request-id: CT8945J3RM4J8Q7B
ETag: "0759921ad2993bccaeae36e6760b2279"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3636
x-amz-id-2: FFpauKh7KjZFkER/0evtcq3h2uQBehy1xDogNMAx9nm05b3tRndFby1QsbC4MTMEDP4WcQUbZmk=
Expires: Sat, 19 Jun 2021 01:28:38 GMT

GET
H/1.1 200
OK The-Front-Runner-100x70.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2018/10/ 3 KB
4 KB 110ms
109ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2018/10/The-Front-Runner-100x70.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b68933f943fdc6a74ae8922cfdf65dd8928bd4b9afb8d9b0c464daafc1a4ccce

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sun, 25 Oct 2020 04:00:28 GMT
Server: AmazonS3
x-amz-request-id: CT85DP7AQR4QEH3D
ETag: "ca9c46f747100c1ce9c9f3e31aea526d"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3263
x-amz-id-2: DZRRYHa5KOiNsv2sjKcxN2QYeTDnqDJ9TovC96kZ1IHihm1QX3YuoU8+vMaLUtKBj0pWFdBfa7M=
Expires: Mon, 25 Oct 2021 04:00:27 GMT

GET
H/1.1 200
OK park-min-young-100x70.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2020/06/ 8 KB
9 KB 123ms
122ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/06/park-min-young-100x70.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 831820eacdf8b2be1d67346a1cc0b7156363a4798905e37621880f9a212dfe5d

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 30 Jun 2020 16:01:08 GMT
Server: AmazonS3
x-amz-request-id: CT858N76XJ2ZMG70
ETag: "a378b5736eafc0bf5ea7d614845e534c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8559
x-amz-id-2: TT3KA2t2Q1nv0nd72r6I0v1k4g/iSrfhdlaOADWtK278AG3jc9uUzpEF8ORXe9KwlCbNtSqQftM=
Expires: Wed, 30 Jun 2021 16:01:07 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 76ms
31ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fa14a273651b615c644a7ad65e04ee4e778995e4d7d00507907562c3f17031

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 630dd5304b9e1e99-AMS
date: Tue, 16 Mar 2021 12:02:28 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 18:56:21 GMT
server: cloudflare
age: 3957
etag: W/"b7a-5bd97ce37f56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
cf-request-id: 08dc83922b00001e991db0e000000001
expires: Tue, 16 Mar 2021 11:56:31 GMT

GET
H2 200 underscore.min.js Show response
entreterse.com.br/wp-includes/js/ 16 KB
6 KB 28ms
28ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/underscore.min.js?ver=1.8.3

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd52ff9494c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 23:30:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b3209-3eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UF6SKGOp8KAGXGKaMJh%2FOuQHK4V0aIBB54Kqqdfr3OJfCoJjE1Fv0qxHKFm6IMfTycm1z1X2VBm2%2BdoMXsqAkem7zHKB5XAgD7b%2Ffg1PoksoIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc8391ff00004c6e79b34000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 js_posts_autoload.min.js Show response
entreterse.com.br/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 37ms
27ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd53019984c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 14:14:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"600597d5-13fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uEtFV7U%2Fy4SdPEDKGJ3gRV8DO9R03wbI%2BRERmsCf9g1o6CfuvpJl9Ii4Bta9lwrlMBnK4KnAsz0ek%2BH2neK9uy43V6Hd%2FEpae4ZTM%2FwtnIIdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83920d00004c6ebb023000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 tagdiv_theme.min.js Show response
entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
55 KB 56ms
46ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd530199b4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 02:44:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6004f614-3f512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cRtmnQvGgMS34MOw3lGfDhhbOWb9DHXoTXX5S1rdzFDsz4wzHnF%2FpxEPw8PRrTh3tQOGA7WsjSPhAAO6JSvyFgDIsc9NTMhBzgJ5DO%2FdHTFWrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83920e00004c6e772db000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 comment-reply.min.js Show response
entreterse.com.br/wp-includes/js/ 3 KB
2 KB 54ms
46ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/comment-reply.min.js?ver=5.6.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd53019a84c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 23:30:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b3209-ba6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LcAKrpcUu9vdaAFrSpsKGsDJdp4%2B5xeyeWxZ1OjLMVx9hQ9%2FoOy6410RJRKS1qn%2FQuhu3rp3KlcvKg20%2FY%2BoACC9ZxIuQyGSUjQKAYtlb5KIrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83921400004c6eae079000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 js_files_for_front.min.js Show response
entreterse.com.br/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
8 KB 41ms
32ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd53019ab4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 14:14:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"600597d5-8387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1okZsGMrHcYQgtZswD62tvyyZYsu2fgMWXGe80qCOC4b%2BzCHQ22WdyhUbOOmPLxMtQEmLvKRKZYElVYMWRcqwZwZgZYJWSxAabhUeLys1oEA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83920f00004c6e74372000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 wp-embed.min.js Show response
entreterse.com.br/wp-includes/js/ 1 KB
944 B 40ms
32ms Script
application/javascript 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-includes/js/wp-embed.min.js?ver=5.6.2

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1408190
cf-ray: 630dd53019b84c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 23:30:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b3209-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6tOP3VTt7LjUEO33HO7Ftatwf%2FrQoBFEEYWRDpxrZersw196jelofvpc6%2BONOpYyg295ViI37CuQ7BpfVqAr1gS2yLRrC4epgkTXOF8jaRcvGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83921000004c6e9d33d000000001
content-type: application/javascript
expires: Tue, 30 Mar 2021 04:49:11 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 29ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 309
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 630dd5302ece2be9-FRA
cf-request-id: 08dc83921b00002be9d9832000000001
expires: Fri, 19 Mar 2021 12:02:28 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 7ms
6ms XHR
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 11:36:36 GMT

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dff6f4d907290bdbe74812bf73b590f268694e0a30e64b4bb24b803a47b3e319

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 609 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Back.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/ 14 KB
15 KB 215ms
177ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2019/09/Back.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72056ec9d003cecdfe230a2b8675517ded8c445fff2b3a10c79e17595b81deb3

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Last-Modified: Thu, 18 Jun 2020 12:14:40 GMT
Server: AmazonS3
x-amz-request-id: YSMCJFTFV0PH0D9B
ETag: "734ca1f45bc51b7c99a7451aadb2a694"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14489
x-amz-id-2: rppXJg/X1Gw6KX4aKAb9HquwBwBsNwoXhbqJed1l1Z2I/2TiPh2CuTQVM9Q8iKG8cs9EK6aDij0=
Expires: Fri, 18 Jun 2021 12:14:39 GMT

GET
H2 200 newspaper.woff
entreterse.com.br/wp-content/themes/Newspaper/images/icons/ 123 KB
123 KB 31ms
30ms Font
font/woff 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entreterse.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/wp-content/themes/Newspaper/style.css?ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://entreterse.com.br
Referer: https://entreterse.com.br/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1398361
cf-ray: 630dd53039ea4c6e-AMS
x-runcloud-srcache-store: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125620
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jan 2021 02:44:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6004f609-1eab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ckAVBFq7%2F0lPNEcLEPCqqPqxysdVYT5RQkmnNRj0eMH%2FDDceSGZvUMpTQZtp1%2F4xud6akylVxlNZonKjobQiIm71Mz%2F1MwsvcQTEh4z0VLW2Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type: srcache
x-runcloud-srcache-fetch: BYPASS
vary: Accept-Encoding
cache-control: max-age=2592000, public
cf-request-id: 08dc83921f00004c6e7c091000000001
accept-ranges: bytes
content-type: font/woff
expires: Tue, 30 Mar 2021 04:49:12 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 467899
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:04:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 61841
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 35ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 490197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 64016
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:15:32 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ 105 KB
31 KB 15ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.min.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2432832
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31378
cf-request-id: 08dc83934900002c363b3da000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B3taxLjURXylK8%2F8B7OC9FDN4%2BNHVk82XW9RfOm%2Fj4BbIQmc%2B7%2FK7kTwsufbhiWYYecMzI8lt2FQpoX5wgUDpPhRQea95hwaon9N8kmc2L37EVf0ZtwuAVov2IV7a9PzEw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 630dd5320bc82c36-FRA
expires: Sun, 06 Mar 2022 12:02:28 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 72ms
23ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 17 Mar 2021 12:02:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 330 KB
114 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7193
date: Tue, 16 Mar 2021 10:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 12:02:35 GMT

GET
H2 200 rm Show response
as.cazamba.com/ 591 B
1 KB 368ms
145ms Script
text/javascript 52.5.234.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/rm?token=e64b689d4e20008879a707cdb07ac4a7&r=21119020420&v=13&p=%2F&vp=false&callback=superagentCallback1615896148808237
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.234.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/5.3.29
Resource Hash: b32c0847f9a9d8f345b07debe5ebf8db0279d2e78a0c0e0665e0f48c552816ce

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
server: nginx/1.18.0
x-powered-by: PHP/5.3.29
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 591

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 197 KB
60 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c5cd3a52c16881312ea38a630c5903669af08eb0b45e79916e3cdfbe4037b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://entreterse.com.br
Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LaT4OvLWvc4qQ5Jbvgv4Mg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60841
x-fb-rlafr: 0
x-fb-debug: XOU5C38CPCLhflDCOAEWDoYoCGhsvg9WW+F/BVhrFwCJZd99xyCbpTFAzEsS4P03+OF1tl+CwVt1k4wXkm6sdw==
x-fb-trip-id: 917726464
x-fb-content-md5: 0db56c1f8611450a4f4d7e6acd8eac3b
x-frame-options: DENY
date: Tue, 16 Mar 2021 12:02:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "dfb942824d4bf627343f68895eb6961a"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Mar 2022 11:49:30 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/ 226 KB
85 KB 65ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6514705902031304&plah=entreterse.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b312f6fe4ab11655e2972dbd8268111459324b38ea0d2c307d14f4e1c82b107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86604
x-xss-protection: 0
server: cafe
etag: 12859623440997571729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:02:28 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=127252615&t=pageview&_s=1&dl=https%3A%2F%2Fentreterse.com.br%2F&ul=en-us&de=UTF-8&dt=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=664376950&gjid=1395133158&cid=1395941363.1615896149&tid=UA-42852934-1&_gid=386602656.1615896149&_r=1&_slc=1&z=1851468098

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=127252615&t=pageview&_s=1&dl=https%3A%2F%2Fentreterse.com.br%2F&ul=en-us&de=UTF-8&dt=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1299244982&gjid=1537131732&cid=1395941363.1615896149&tid=UA-39481927-2&_gid=386602656.1615896149&_r=1&gtm=2ou330&z=236401711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 63289
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-39481927-2&cid=1395941363.1615896149&jid=1299244982&gjid=1537131732&_gid=386602656.1615896149&_u=IEDAAUABAAAAAC~&z=764881271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 12:02:28 GMT
content-type: text/plain
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=547244872664295&ev=fb_page_view&dl=https%3A%2F%2Fentreterse.com.br%2F&rl=&if=false&ts=1615896148948&sw=1600&sh=1200&at=

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 12:02:28 GMT

GET
H/1.1 200
OK Todas-as-Mulheres-do-Mundo-696x445.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 45 KB
45 KB 265ms
203ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/Todas-as-Mulheres-do-Mundo-696x445.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfe7cc2d9d899a3644c22c4043c7c7f3e9a05bd4321925f2a3e757ae457c0b54

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 02 Feb 2021 02:04:23 GMT
Server: AmazonS3
x-amz-request-id: CT88FXXYQMMB3DWD
ETag: "284a556e23ce4ff07efdb22857cc88fc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 45926
x-amz-id-2: pCCrJ3ZwPp3jmFhDGpN6xggz8uSjAEn0EaoUzFW/LfehkI9jTTEzf5FerUL8wTZ8+DSHzTigV4g=
Expires: Wed, 02 Feb 2022 02:04:22 GMT

GET
H/1.1 200
OK mank-696x392.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 187 KB
187 KB 278ms
144ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/mank-696x392.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 549c5b06311f6dd3610045aaf0bf8176091ca9eac7b258d4d53d67baa080aa46

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Tue, 16 Mar 2021 00:38:40 GMT
Server: AmazonS3
x-amz-request-id: CT82R2A59ZAMBQGF
ETag: "d3d72f61db0640b335dd8d89b04e2a67"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 191491
x-amz-id-2: OKENMHMcMmW2L8zLUq0THd4OqBKyRDCdtKoOiSFbl+8/L/CSoQMw/tBDAYwnjV7n9zMs2a7L2uA=
Expires: Wed, 16 Mar 2022 00:38:39 GMT

GET
H/1.1 200
OK falcao-e-o-soldado-invernal-696x394.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 45 KB
46 KB 180ms
146ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/falcao-e-o-soldado-invernal-696x394.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c53b09a28729ef77ca31b937721e6a1c0cb5e730ab03d47d2ac1c75b34678f4

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 08 Feb 2021 22:56:21 GMT
Server: AmazonS3
x-amz-request-id: CT8C6VN2Z18GPH7H
ETag: "9489460e6910dbbb538359f6b0deabef"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 46299
x-amz-id-2: 9KzAD7KslACZY7P8m7KSjNr4Qc3N8UM1OORAv2cihLwm7eGNsSNUlXFUToak7Ax1rpvR+BDgszA=
Expires: Tue, 08 Feb 2022 22:56:20 GMT

GET
H/1.1 200
OK FUMETSU-NO-ANATA-E-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 56 KB
57 KB 167ms
128ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/FUMETSU-NO-ANATA-E-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7c39e2da1a94289cef6cc619591eda5a978f4c2d306c7a43b1020263c127eb6

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:30:47 GMT
Server: AmazonS3
x-amz-request-id: CT822GA15D16NVS1
ETag: "d1184eed0ed60afae894a0b999b07fc2"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 57431
x-amz-id-2: S8HYpLiNtyy1UR+loSeqn1Gir8ipD0kBYtOzZWAPltPbhD6BEtKF6ojEMbDtY/jEBsQTzIaUl2Y=
Expires: Tue, 15 Mar 2022 21:30:46 GMT

GET
H/1.1 200
OK Nerve-3-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 61 KB
61 KB 267ms
120ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Nerve-3-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09874e25d01428d0d35c9d6270ab6dc8c9b273eda0e9747af14867e0f7222a5e

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 20:25:34 GMT
Server: AmazonS3
x-amz-request-id: CT8BN6AFXJBP1RFZ
ETag: "72f94e7c45a17e5d93200bd3775b28da"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 62261
x-amz-id-2: UoIteoEW/E8CqvJb1tnEImccuR8YVqAhEvauS7MPtyj97KtWKrNaG6xJSeWhA01dEQGrvCDlT/A=
Expires: Tue, 15 Mar 2022 20:25:33 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:28:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 264831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:28:37 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=
https://sb.scorecardresearch.com/b2?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=...

0
528 B

23ms
23ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=&cs_ak_ss=1
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=8&c2=16041074&c3=&ns__t=1615896149002&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39481927-2&cid=1395941363.1615896149&jid=1299244982&_u=IEDAAUABAAAAAC~&z=949920669

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39481927-2&cid=1395941363.1615896149&jid=1299244982&_u=IEDAAUABAAAAAC~&z=949920669

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK The-One-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 103 KB
103 KB 307ms
166ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/The-One-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54dc579b3e2e1ecd62783aa8e1b1a23b0c9f01d00ce4f8729e9efa1e2d567c6b

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Thu, 11 Mar 2021 21:20:44 GMT
Server: AmazonS3
x-amz-request-id: CT84MZP132C9FY2W
ETag: "77af1c2131773f4385fd5ef06f2f3d8f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 104986
x-amz-id-2: eeClxaA02B/hHo3hlecoyzJJztXG0EKSEGSAsokgSYuJlTA5OY9rUrbQZx2eodZYtmyt3D7+nUg=
Expires: Fri, 11 Mar 2022 21:20:43 GMT

GET
H/1.1 200
OK love-alarm-1-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 42 KB
42 KB 417ms
123ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/love-alarm-1-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e51442a2b4d583b0fac1ea09efade3e9eb32ffce5b4fc4835f1db7acd7c11a68

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Sat, 13 Mar 2021 18:23:58 GMT
Server: AmazonS3
x-amz-request-id: CT84WTJFJN1NDWH7
ETag: "ed0137a275540067c4f6048d1d0ca146"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 43046
x-amz-id-2: t/gJjX6UlqYVkv651x+PPavu3EuGO4L51rvgBLwbbB10BEo3+svu8wUkE4IvnDRge5PSJPtY6Ho=
Expires: Sun, 13 Mar 2022 18:23:57 GMT

GET
H/1.1 200
OK YES_DAY_00_28_56_07_R2-696x348.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 44 KB
45 KB 430ms
138ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/YES_DAY_00_28_56_07_R2-696x348.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2117207e1980434a20e6b9d58006d4a97e8c029401d8a5b918074beee6d7971a

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Wed, 10 Feb 2021 16:59:19 GMT
Server: AmazonS3
x-amz-request-id: CT83WB65E9C1T145
ETag: "66f5be0c3231c3cdde84fed91f55f553"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 45425
x-amz-id-2: Q62bWN1jaBMiAJF14uBcPweZUaXl1rU2pKy+x9I4zl2IU1NTFu9KZlJJhE04geMUGolzUm8eYvA=
Expires: Thu, 10 Feb 2022 16:59:18 GMT

GET
H/1.1 200
OK a-sentinela-5-696x464.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 47 KB
47 KB 341ms
130ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/a-sentinela-5-696x464.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0af6d025ba0e8ebe7415956eb95cc59b8a786a8e809aa05ad1c1d5cdb714c2db

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Fri, 05 Mar 2021 11:44:33 GMT
Server: AmazonS3
x-amz-request-id: CT85AETKZPSRTPCK
ETag: "7d1ceb7e588f614c1909a83433fea1c1"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 47798
x-amz-id-2: Cwb/vOJwupabtmpgQVaEGfBzdGQ88mRIey0Xa4blpCJ/ij/DA3GCmjSQfmuOq+Y2pmO+t+AaNQw=
Expires: Sat, 05 Mar 2022 11:44:32 GMT

GET
H/1.1 200
OK circulo-de-fogo-3-696x394.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 44 KB
45 KB 316ms
116ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/circulo-de-fogo-3-696x394.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9693748f68ee96251a97c3e8ad08e6561fc5b18a4d84f580825b1fded19499d

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Thu, 04 Mar 2021 20:43:04 GMT
Server: AmazonS3
x-amz-request-id: CT85VTZEQ34KZRV2
ETag: "38b787855bba2a611f529dacedd637f5"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 45239
x-amz-id-2: YlMowHGXpZCJGxqyEJtM1uqc3diaQKmfOd1I+cO1eiiVpLrkWqqO8opk7BNbt2J3sEMsWRTEUxA=
Expires: Fri, 04 Mar 2022 20:43:03 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A700%2C800%2C500%2C400&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://entreterse.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:24:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 473893
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 11 Mar 2022 00:24:16 GMT

GET
H2 200 14c6009101671319b5a33c279c96cc55
secure.gravatar.com/avatar/ 5 KB
5 KB 21ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/14c6009101671319b5a33c279c96cc55?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f6b3a4038273baf055918ea5bdd241b3ca19948976ff62d32b2757168565af5

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Thu, 26 Sep 2019 01:21:53 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="14c6009101671319b5a33c279c96cc55.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/14c6009101671319b5a33c279c96cc55?s=96&d=mm&r=g>; rel="canonical"
content-length: 4773
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H2 200 5ac9a0c651820096bfcd0029fbe6599d
secure.gravatar.com/avatar/ 4 KB
4 KB 24ms
9ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/5ac9a0c651820096bfcd0029fbe6599d?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e315f3cfd984ffdd2fc233739e2a1e55a92bf74456613cf2d684c1ebeb6d9daf

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Wed, 24 Oct 2018 01:28:23 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="5ac9a0c651820096bfcd0029fbe6599d.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/5ac9a0c651820096bfcd0029fbe6599d?s=96&d=mm&r=g>; rel="canonical"
content-length: 3837
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H2 200 4fc7bae839f6f9362383528d1aa6cef3
secure.gravatar.com/avatar/ 4 KB
4 KB 21ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/4fc7bae839f6f9362383528d1aa6cef3?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3d892fc44b84de1dcffc91971ce4ba67d2f088231a4b85e5756e53bb4a7d8f2

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Fri, 28 Oct 2016 14:01:01 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="4fc7bae839f6f9362383528d1aa6cef3.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/4fc7bae839f6f9362383528d1aa6cef3?s=96&d=mm&r=g>; rel="canonical"
content-length: 4299
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H2 200 0e20e2174ea350c7b06c76da0f29ca40
secure.gravatar.com/avatar/ 3 KB
3 KB 24ms
9ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0e20e2174ea350c7b06c76da0f29ca40?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9eac43006190d1d5bc549a5422214ad49b64c8e5be88da5806c3c681788853e8

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Thu, 07 May 2020 02:25:24 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0e20e2174ea350c7b06c76da0f29ca40.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0e20e2174ea350c7b06c76da0f29ca40?s=96&d=mm&r=g>; rel="canonical"
content-length: 2893
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H2 200 484a179d06c2a44c54c9db97c641fa74
secure.gravatar.com/avatar/ 4 KB
4 KB 292ms
278ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/484a179d06c2a44c54c9db97c641fa74?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 80133049fb1ccad64ca7391efa8748f288a995d723d4eec00d0acf0763202f6f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Mon, 30 Mar 2020 18:24:51 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="484a179d06c2a44c54c9db97c641fa74.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/484a179d06c2a44c54c9db97c641fa74?s=96&d=mm&r=g>; rel="canonical"
content-length: 3873
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H/1.1 200
OK oddtaxi-696x348.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 32 KB
33 KB 146ms
145ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/oddtaxi-696x348.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be286e17fa8f2aca0d4857d83f4f18897cbdf80e8e4b1aab04977526cdd80e20

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 15 Mar 2021 21:17:39 GMT
Server: AmazonS3
x-amz-request-id: CT82RZPHHE0XNA57
ETag: "df87c183a2fb24ac6e9ef6092c716f93"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 32911
x-amz-id-2: rueryATkHnv6UvseDVVbF88eD42uI2glpdRkKbW2Nk4neIhqPhZTxVv7GzFNQ2r1tIOWt+uLxxc=
Expires: Tue, 15 Mar 2022 21:17:38 GMT

GET
H2 200 ca-pub-6514705902031304 Show response
fundingchoicesmessages.google.com/i/ 80 KB
31 KB 54ms
34ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6514705902031304?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6514705902031304&plah=entreterse.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06138b5565792ca32cfdc59d3b934d3e83bc4b75c59b80867a5bead4eae20daa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UXyYRgWZQkCiOYiMG2X5hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-UXyYRgWZQkCiOYiMG2X5hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-UXyYRgWZQkCiOYiMG2X5hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-UXyYRgWZQkCiOYiMG2X5hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8ea1f6f4da93ad2f38288b5a705d2a81
secure.gravatar.com/avatar/ 4 KB
4 KB 6ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/8ea1f6f4da93ad2f38288b5a705d2a81?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4755824bd966418e06308d8adec9c1843554ea4fa5b945d5f5862376eb465bca

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Tue, 26 Mar 2019 01:02:06 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="8ea1f6f4da93ad2f38288b5a705d2a81.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/8ea1f6f4da93ad2f38288b5a705d2a81?s=96&d=mm&r=g>; rel="canonical"
content-length: 3681
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H2 200 0a436eb0dcaace556a832d87387e6580
secure.gravatar.com/avatar/ 3 KB
4 KB 7ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0a436eb0dcaace556a832d87387e6580?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b44cb8981c566e5c4bd0333febc21b33033443c0ff6cc58c7ba4b321ea0cd37

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Fri, 15 May 2020 00:43:48 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0a436eb0dcaace556a832d87387e6580.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0a436eb0dcaace556a832d87387e6580?s=96&d=mm&r=g>; rel="canonical"
content-length: 3477
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H/1.1 200
OK os-irregulares-de-baker-street-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 40 KB
40 KB 169ms
169ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/os-irregulares-de-baker-street-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e63177c46665df699329a9d4b36897d6c1fe384c0f76b2994bfaa101395b65fc

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 22 Feb 2021 23:42:05 GMT
Server: AmazonS3
x-amz-request-id: CT8DFWK9TCHZES76
ETag: "10ba198fa84a4aa16527252f8114d0c4"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 40568
x-amz-id-2: Y8wTlq/y6JmpGQPMAdscERy/ZQ04ZzUbKT4xkKEQedLNg3fR/rSQEq5nwl7azJaPAkrGuxspQu8=
Expires: Tue, 22 Feb 2022 23:42:04 GMT

GET
H/1.1 200
OK Era-uma-vez-um-sonho-7-696x371.png
entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/ 354 KB
354 KB 157ms
157ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/Era-uma-vez-um-sonho-7-696x371.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75e41fc39a00a6e1165be31f095ff843152ce3a789273b3c015625708b1e53e6

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Last-Modified: Mon, 23 Nov 2020 18:39:56 GMT
Server: AmazonS3
x-amz-request-id: CT83NY70JQA89V11
ETag: "939a9e1a9d2d737d8468565ac082d765"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 362410
x-amz-id-2: pETJUYNjx4UqiEbbe+/ooP9espTMyp8hYyUKIXrrxIRi9woaU+Rhv6l0tlbq8EVYz1jpF43uE14=
Expires: Tue, 23 Nov 2021 18:39:55 GMT

GET
H/1.1 200
OK after-depois-da-verdade-696x464.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 36 KB
37 KB 119ms
119ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/after-depois-da-verdade-696x464.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02e7b4675b3eb7f84baaccf951d7b6264cc329cffc954a791eb2d86fafa558a8

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Wed, 24 Feb 2021 03:28:05 GMT
Server: AmazonS3
x-amz-request-id: RJQJDPEFDGA4F3CY
ETag: "9579e46f4683c313ee50496d3bdb730f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 37103
x-amz-id-2: phSa1ZQhCO2q9+zSPO4MRlfttxvOP7lHQ4Pd3dabmjqv1aFaZBR5JioNFjQ3gRLNHC1MIAhSmGc=
Expires: Thu, 24 Feb 2022 03:28:04 GMT

GET
H/1.1 200
OK Abla-Fahita-Drama-Queen-696x391.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 310 KB
310 KB 138ms
137ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Abla-Fahita-Drama-Queen-696x391.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27354b12d83dffcf5d409c237a6f27d6cd724a2a359bfc707ef45e6d0210f68f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Mon, 15 Mar 2021 11:34:32 GMT
Server: AmazonS3
x-amz-request-id: RJQGEM3CA8PFXEKW
ETag: "7910673aa9416c4ad6c10034a171cc28"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 317468
x-amz-id-2: 9DCZl1JCyVyvCm50EGEf14GTtNojeFKsa1n8AxrEP+Yx7gq4FPQdVEjV195IaP9ktVA1yxvhYSQ=
Expires: Tue, 15 Mar 2022 11:34:31 GMT

GET
H/1.1 200
OK Liga-da-Justica-696x432.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 418 KB
419 KB 197ms
196ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Liga-da-Justica-696x432.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 535db069e580be43727d6123d3c69882399c14cf05d1b0c03361ff5a856fccc9

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Mon, 15 Mar 2021 14:40:56 GMT
Server: AmazonS3
x-amz-request-id: RJQMC4FFX8KSCEFS
ETag: "8ec22b94d7d1e5d70104036248d92844"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 428466
x-amz-id-2: 7mOQ8uPondL95pBYzIxlww6OM2a9GREH2wwpFWoEVJVzxbjKbbycPwNF0tRz4HHoNHftEcMXH9w=
Expires: Tue, 15 Mar 2022 14:40:55 GMT

GET
H2 200 2f51d5e77403af6fd382e27b5fac2e97
secure.gravatar.com/avatar/ 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/2f51d5e77403af6fd382e27b5fac2e97?s=96&d=mm&r=g
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e0ba32b929fc93c00ab05f70844e1e5800970713bffc5d2a733f865a10f6311

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 Mar 2021 12:02:29 GMT
last-modified: Thu, 20 Jun 2019 02:43:16 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="2f51d5e77403af6fd382e27b5fac2e97.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/2f51d5e77403af6fd382e27b5fac2e97?s=96&d=mm&r=g>; rel="canonical"
content-length: 4303
expires: Tue, 16 Mar 2021 12:07:29 GMT

GET
H/1.1 200
OK The-Front-Runner-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2018/10/ 45 KB
46 KB 138ms
137ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2018/10/The-Front-Runner-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5abbcf65363c96f693400d154621b8c505a19e41bfcd9cadac377646880751a7

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sun, 25 Oct 2020 04:00:27 GMT
Server: AmazonS3
x-amz-request-id: RJQY7Y16FVRE9VKY
ETag: "a2a11a76df7377ec58e3d82aba924a54"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 46360
x-amz-id-2: 4siuwhfsrCcnaxsnGCZQ9jQC+NcgTCC6YQvqGKqE3j0KROJKH2oRj8MJJDuaEY7ryD9oYCyvDh4=
Expires: Mon, 25 Oct 2021 04:00:26 GMT

GET
H/1.1 200
OK newpop-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 46 KB
47 KB 122ms
121ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/newpop-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 950d38a5d43c8aec1bc79ef00db9bc5f989137380c2418596936d1c448abf6b5

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Tue, 02 Feb 2021 17:08:39 GMT
Server: AmazonS3
x-amz-request-id: RJQTAR2TGPJQFWNG
ETag: "f34e2c454e5fecd908de84bcf0cf97dc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 47424
x-amz-id-2: KnStVx0dsLi0F2/j5g+nliFAYX/72ko7BqO5aDpxDOhd9RIdlBpHWnKNTv7e6CHo2NaRs8iXY8I=
Expires: Wed, 02 Feb 2022 17:08:38 GMT

GET
H/1.1 200
OK expresso-do-amanha-capa-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2020/05/ 60 KB
60 KB 177ms
177ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/05/expresso-do-amanha-capa-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71a16d0f700e7bd105a67fab7ac2a39419b6b705090348d5d2d229b0e73e68be

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Wed, 17 Jun 2020 21:19:35 GMT
Server: AmazonS3
x-amz-request-id: RJQYFTW8CPC1R4G9
ETag: "3afb33aaa0d26349085d5f8634554a68"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 61031
x-amz-id-2: 0NJB4djiq629jDiLM8pPUJtlwgjJ3h1Idgoyki7MYKKILUc4IDnalyEWVgtgbwT8s3ZIgcMlov8=
Expires: Thu, 17 Jun 2021 21:19:33 GMT

GET
H/1.1 200
OK Ordem-Cronologica-DC-696x378.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2018/12/ 66 KB
66 KB 128ms
127ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2018/12/Ordem-Cronologica-DC-696x378.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab6dcf03b39788c90ffd0a5c4f63d0fd04760287fd366066abd721a22b60f6ea

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Fri, 19 Jun 2020 01:28:41 GMT
Server: AmazonS3
x-amz-request-id: RJQNTQ27VP3XR23R
ETag: "5877fd6794f33691cef026013fd823aa"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 67299
x-amz-id-2: 3WBoT4HD35Usc4e+7lBYzzaQ7eKO7gKmv19JF666In21m+xgOopdc6PL8Ljeat5LjhK6Va+2bHI=
Expires: Sat, 19 Jun 2021 01:28:38 GMT

GET
H/1.1 200
OK mundo-em-chamas-2-696x464.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/ 49 KB
50 KB 141ms
141ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/02/mundo-em-chamas-2-696x464.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d8715f5e473b8b87fc74ca52ebc316190c2979d874a22670d7b762dcf055d52

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sun, 28 Feb 2021 20:19:38 GMT
Server: AmazonS3
x-amz-request-id: RJQW2ANTJ8VSKPRT
ETag: "ef298596b73e0b7aa7d215d7a2f2d3cd"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 50423
x-amz-id-2: R/Z2yd9hlX1RmmB7uw5vIDjTyql5U/RwndPPb7N+iK4JXv66RBkU4f+EZ2gwcl+x5Qma8Xx7Z+I=
Expires: Mon, 28 Feb 2022 20:19:37 GMT

GET
H/1.1 200
OK don-oscar-5-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 40 KB
40 KB 146ms
146ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/don-oscar-5-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67d3a4a5ce1ccc33656b835c2816485574ec1ecf77112a15108da3751e8e07fd

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sat, 06 Mar 2021 00:39:17 GMT
Server: AmazonS3
x-amz-request-id: RJQN5A8TM5FE5STX
ETag: "efdf3f504c1b281c248093997af24424"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 40748
x-amz-id-2: rHodnNTQlVjjZxC2xkkIHbnzCzcVStKZkaQQPdGgUtTxwm8NAOK9qH7CMmMZHCsRJoKevTmPQAw=
Expires: Sun, 06 Mar 2022 00:39:16 GMT

GET
H/1.1 200
OK moxie-4-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 47 KB
48 KB 146ms
145ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/moxie-4-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d899bbc105965af3e3e41bdff662c3a16c3253f9e03fb6dffeb9e6303be631a8

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Wed, 03 Mar 2021 12:16:25 GMT
Server: AmazonS3
x-amz-request-id: RJQME7M2DCQ95EEQ
ETag: "4428aaf61120c86a202f87f521b627b0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 48611
x-amz-id-2: enKMaBk4nRpIyZfFZNvEa7Rj1FTbdem8Gj6lnG5Am3gC6giZTKw21iNdtAlU7V8/n4WA9nxgR+s=
Expires: Thu, 03 Mar 2022 12:16:24 GMT

GET
H/1.1 200
OK o-recepcionista-2-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 38 KB
38 KB 121ms
121ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/o-recepcionista-2-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 266bf91d9ac1f713c418ab1644817e7ba3310afc0b0d4ca8cec4b652ccdf2764

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Thu, 11 Mar 2021 14:27:59 GMT
Server: AmazonS3
x-amz-request-id: RJQMSK7JJDTE7ER2
ETag: "15892c0338aef0a50824ced933650150"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 38710
x-amz-id-2: 8iN2KBNtuTgImcmTa5wu0SgwD+J0OcSo6VCatga3VYm3UQ0nyu0mNx4EPfXgcflvLcmL/6DYEz4=
Expires: Fri, 11 Mar 2022 14:27:58 GMT

GET
H2 200 cs Show response
as.cazamba.com/ Frame 0476 4 KB
4 KB 104ms
103ms Document
text/html 52.5.234.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs?publisher_id=1719&g=1615896149
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.234.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/5.3.29
Resource Hash: 74ebfae7d9d4eb419805bdb0a5420c67cabc00ef04dad6cce4c63fa85d4a29b7

Request headers

:method: GET
:authority: as.cazamba.com
:scheme: https
:path: /cs?publisher_id=1719&g=1615896149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=60509e5514521; visits%3A1614556800%3A1719=1; _czu_1_1614556800=1; _czu_1719_1614556800=1; lastPub=1719; synced=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-type: text/html
server: nginx/1.18.0
x-powered-by: PHP/5.3.29

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 32ms
32ms Image
text/plain 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=1&c2=16041074&c5=12&ns__t=1615896149223&ns_c=UTF-8&cv=3.5&c8=Entreter-se%20-%20Tudo%20sobre%20Filmes%20e%20S%C3%A9ries&c7=https%3A%2F%2Fentreterse.com.br%2F&c9=
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
589 B 61ms
28ms Image
image/gif 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=16041074&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=daff686e6be6df2b&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=&c4=&c6=&ns_ts=1615896150
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Kids-Choice-Awards-696x392.png
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 281 KB
282 KB 156ms
155ms Image
image/png 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Kids-Choice-Awards-696x392.png
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8962109116f09792bc87328b709c197b465d1737f235380ba24efc44edae2577

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sun, 14 Mar 2021 16:57:49 GMT
Server: AmazonS3
x-amz-request-id: RJQPWR85S4MY78VA
ETag: "2946ead7f0dbfd91b0efc1e2ac18e0b4"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 287949
x-amz-id-2: agbtRDZ8VdaJUgxEhKAFqzcdDngGe7Z067IwuKRIyIlzejKkHlyq6USvO71FZFwIaVbU7xcwAe4=
Expires: Mon, 14 Mar 2022 16:57:48 GMT

GET
H/1.1 200
OK Netflix.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/ 15 KB
15 KB 118ms
118ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/11/Netflix.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e456cce3fc774bc3839691ad524ff8d6e50c9a0a096ee2a695136644cd93e22

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sat, 28 Nov 2020 16:35:30 GMT
Server: AmazonS3
x-amz-request-id: RJQKN82M0M6TC95Y
ETag: "d57d96a4a077ca9f0a8026537a8964b7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 15059
x-amz-id-2: 0Ndv/J3txVPLNErdEFHUUx8w89I1YQYKIKPiTAf7cXGkmh+BDI4+JGvAc7wa8M/Y4ikv0C3O7iU=
Expires: Sun, 28 Nov 2021 16:35:29 GMT

GET
H/1.1 200
OK Polos-Opostos-696x391.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 34 KB
34 KB 142ms
140ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/Polos-Opostos-696x391.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e782a38a61caced659a0a8460267c5cec9a6ff1f0cf9653459bacd31e1ea69bd

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Mon, 15 Mar 2021 11:17:37 GMT
Server: AmazonS3
x-amz-request-id: RJQKXWFM38N01P8S
ETag: "89d76e6d0cf38a0dd75f5c1409c482e0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 34304
x-amz-id-2: r7EmfCo9EEEDdAJK/G6vXqgwgWIoFqxPl5+E3PEOUx0z2izMzeqy/8Qu+mtpKOgbxq+fpPMljDE=
Expires: Tue, 15 Mar 2022 11:17:36 GMT

GET
H/1.1 200
OK O-Reino-Perdido-dos-Piratas-1-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/ 41 KB
42 KB 162ms
160ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2021/03/O-Reino-Perdido-dos-Piratas-1-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bc3b4b03fcbdfcf50112c01aeb47f25d3c62ef66441a7dbb8c6e744bc02363f

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Sun, 14 Mar 2021 14:28:37 GMT
Server: AmazonS3
x-amz-request-id: RJQN9JEJW0W5C4AE
ETag: "5a2847690bf4e9f5f2ce310c418e60b9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 42091
x-amz-id-2: 0y5uErNUm9lxn/sxPhvzPUF1Op/Eo7+8Ii+StaBhDJeSpasyWskOVL7RhEY0WerNOnaE2lwyhj8=
Expires: Mon, 14 Mar 2022 14:28:36 GMT

POST
H3-Q050 204 AGSKWxWv1OkkjvuaLQJ8hQkeaO8DU1JJhCI5r9TuhjQardA8hBXAPYBhu704SJxjWCTFz0rpfT4b4biO7ZCOGyi9gQ== Show response
fundingchoicesmessages.google.com/l/ 0
1 KB 53ms
19ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWv1OkkjvuaLQJ8hQkeaO8DU1JJhCI5r9TuhjQardA8hBXAPYBhu704SJxjWCTFz0rpfT4b4biO7ZCOGyi9gQ==?pvid=37CE675C-A332-4221-9D25-FD54C24A69C2&anonid=4FE0E976-4F9C-4878-B914-5E709F32E861

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.EEG5_6bV_Fg.es5.O/d=1/ct=zgms/rs=AJlcJMy8ZBey9Sk8ihuq5moNI6H7kacYVg/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0a0N0xpDvdxPZuERZ73JSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0a0N0xpDvdxPZuERZ73JSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-0a0N0xpDvdxPZuERZ73JSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0a0N0xpDvdxPZuERZ73JSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVpEZizS8BM2ybLIBv1wognOn4_JDUpzClD9bv30dIwrEXdhRXjSlEOkX8tqA4OvCd9bLb6gu9DvA2m4y7I0A== Show response
fundingchoicesmessages.google.com/f/ 57 KB
23 KB 63ms
49ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVpEZizS8BM2ybLIBv1wognOn4_JDUpzClD9bv30dIwrEXdhRXjSlEOkX8tqA4OvCd9bLb6gu9DvA2m4y7I0A==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE1ODk2MTQ5LDMyMTAwMDAwMF0sIjM3Q0U2NzVDLUEzMzItNDIyMS05RDI1LUZENTRDMjRBNjlDMiIsIjRGRTBFOTc2LTRGOUMtNDg3OC1COTE0LTVFNzA5RjMyRTg2MSIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d08e156cab91cdaa82b1cc48e5fcf99112825867d6cef4036a40d3c1c01a74a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5yIz20QxWoutaEuRdy132g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5yIz20QxWoutaEuRdy132g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-5yIz20QxWoutaEuRdy132g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5yIz20QxWoutaEuRdy132g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Tue, 16 Mar 2021 12:02:29 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
646 B 111ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=entreterse.com.br&callback=_gfp_s_&client=ca-pub-6514705902031304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fa25cd0b64b917ede17b241c5273e42553a67d8a1b2c559dae8d9bfdc5c6cbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=entreterse.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=entreterse.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D81 88 KB
32 KB 672ms
671ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3181ba9ddfb53f7e1a034cfbb08e110789083ab2edeaf6691067ec8a696250d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK_N55_itO8CFRPjuwgdfpoOXQ&gqi=VZ5QYNyKFYbF-gbQjqfQCw&layout=/sadbundle/%24csp%253Der3%24/11872115851184484808/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK_N55_itO8CFRPjuwgdfpoOXQ&gqi=VZ5QYNyKFYbF-gbQjqfQCw&layout=/sadbundle/%24csp%253Der3%24/11872115851184484808/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 12:02:30 GMT
server: cafe
content-length: 31990
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:30 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7813 75 KB
24 KB 361ms
359ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=4029023989&adf=2055030453&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=3&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XVo4NifHtA&p=https%3A//entreterse.com.br&dtd=127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58c83ef54167003970d13d34e4c5ff34b1cbb50ea43ae51a097ff3911c6f8ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=4029023989&adf=2055030453&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=3&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XVo4NifHtA&p=https%3A//entreterse.com.br&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 12:02:29 GMT
server: cafe
content-length: 24742
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9FD 405 B
405 B 277ms
276ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=55860125&adf=2087349704&pi=t.ma~as.2032392315&w=250&lmt=1615896149&psa=0&format=250x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=7&bdt=963&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Kk3zvDfhbk&p=https%3A//entreterse.com.br&dtd=134

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43186dc2b1783aae37cdbb1d8d8ff6ce6168dd867cde34fc07171294a177c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=55860125&adf=2087349704&pi=t.ma~as.2032392315&w=250&lmt=1615896149&psa=0&format=250x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=7&bdt=963&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1657&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Kk3zvDfhbk&p=https%3A//entreterse.com.br&dtd=134
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 12:02:29 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4BC 65 KB
21 KB 491ms
491ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867a93e8c715cdd6c990b9128ff453cec8f2ec51ecc0190625832ab21be49c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 12:02:29 GMT
server: cafe
content-length: 21298
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:29 GMT

GET
H/1.1 200
OK netflix-b-696x392.jpg
entreterse.s3.amazonaws.com/wp-content/uploads/2020/07/ 73 KB
74 KB 177ms
176ms Image
image/jpeg 52.216.185.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entreterse.s3.amazonaws.com/wp-content/uploads/2020/07/netflix-b-696x392.jpg
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.185.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bf973ec91aff415e432d4cf5b5d72b2fc18f7ecc0a600e72567a68d6b23f5f2

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Last-Modified: Mon, 27 Jul 2020 14:22:22 GMT
Server: AmazonS3
x-amz-request-id: RJQXZC4BPX725094
ETag: "02e830baf09b6008319f325404ebfa83"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 75255
x-amz-id-2: 3EBnwnwDyXGc0Fb68UdMNC2fie8Ri/e3uU0Xs/xg8LtL5ZcDoe5E2yN0RrqCoS0PyKiIDUbLxGQ=
Expires: Tue, 27 Jul 2021 14:22:21 GMT

GET
H2 200 index.php Show response
stg.truvidplayer.com/ 977 B
757 B 167ms
113ms Script
text/html 13.32.21.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=528&widget_id=3014&playlist_id=2168&m=a&cb=9672193235877510
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5f5bdeefac4b58a78182e935fc4be69911a016c622ddb82dc4c248a487487c0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: T302mkedKLTf7zZ8Ns_KofMYANpSBZpUlEDWjTCiR5qR11vGKS_fLg==

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame 0476 13 KB
6 KB 65ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=1719&g=1615896149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 08:16:14 GMT
content-encoding: gzip
age: 13575
x-guploader-uploadid: ABg5-Uy40bwNUqijEZr95MCr4nYk7s_gP07IB2wDLJbSzCGYyp_OHUmzZFPcjqnlBrYhNXtx8F3v-kcKsoSgdCPVo9JXd2BS5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5285
last-modified: Thu, 11 Mar 2021 19:20:13 GMT
server: UploadServer
etag: "be6e96babb20bbcb86a6a51f72d23c5f"
x-goog-hash: crc32c=vdeeXw==, md5=vm6Wursgu8uGpqUfctI8Xw==
content-language: en
x-goog-generation: 1615490413528280
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 Mar 2021 08:16:14 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 0476 8 KB
3 KB 29ms
14ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=1719&g=1615896149
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1

Request headers

Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1305
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 08dc8395de00003233ce8b4000000001
last-modified: Tue, 05 Feb 2019 21:24:03 GMT
server: cloudflare
etag: W/"5c59fef3-1f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 630dd5362ec93233-FRA
expires: Tue, 16 Mar 2021 12:40:44 GMT

POST
H3-Q050 204 AGSKWxUK3EVyfNavtqsRKXd8T1Cm2DAZ0zQu_K-fVZgmYr-ScI1q_jxgF6CVVaCzM_r-sruQguaqyjLPxxF4AEKHQ3nKSh_ErG71cigLDL9G0wK0rhwk6BLW2knouwRbYIA5MjVIy2ezEcAavmzsR6Po9TESx4twjuQ8ol8hdePRXsI01PNS_C3eOP1OBQ4= Show response
fundingchoicesmessages.google.com/l/ 0
337 B 20ms
20ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUK3EVyfNavtqsRKXd8T1Cm2DAZ0zQu_K-fVZgmYr-ScI1q_jxgF6CVVaCzM_r-sruQguaqyjLPxxF4AEKHQ3nKSh_ErG71cigLDL9G0wK0rhwk6BLW2knouwRbYIA5MjVIy2ezEcAavmzsR6Po9TESx4twjuQ8ol8hdePRXsI01PNS_C3eOP1OBQ4=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.rfDYU3pOOvo.es5.O/d=1/ct=zgms/rs=AJlcJMzBPqaHEwAvFoMwl1bNLC9urw11Jg/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rz3YfCO/fHvPbKjemFrrcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rz3YfCO/fHvPbKjemFrrcA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-rz3YfCO/fHvPbKjemFrrcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rz3YfCO/fHvPbKjemFrrcA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUK3EVyfNavtqsRKXd8T1Cm2DAZ0zQu_K-fVZgmYr-ScI1q_jxgF6CVVaCzM_r-sruQguaqyjLPxxF4AEKHQ3nKSh_ErG71cigLDL9G0wK0rhwk6BLW2knouwRbYIA5MjVIy2ezEcAavmzsR6Po9TESx4twjuQ8ol8hdePRXsI01PNS_C3eOP1OBQ4= Show response
fundingchoicesmessages.google.com/l/ 0
338 B 20ms
20ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f61jGPz7GFxCw+5I2FglPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-f61jGPz7GFxCw+5I2FglPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-f61jGPz7GFxCw+5I2FglPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-f61jGPz7GFxCw+5I2FglPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVAkTlRevlpFdthnAsLawnu2kA10xIYSOUd06aoWTXLd2ShvJbuDHPALD4HTVVBldEZVvBAGGC4nji7Ehob-bk7KU3te2l4NQQUuDe74c32T9LwYydajcIe6UVR7qD5uTM-JuFdnraDrSL-UdOi0yE1GX9PTnpCW-iztvYviq2CCPjr0ql9j5tczBE= Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAkTlRevlpFdthnAsLawnu2kA10xIYSOUd06aoWTXLd2ShvJbuDHPALD4HTVVBldEZVvBAGGC4nji7Ehob-bk7KU3te2l4NQQUuDe74c32T9LwYydajcIe6UVR7qD5uTM-JuFdnraDrSL-UdOi0yE1GX9PTnpCW-iztvYviq2CCPjr0ql9j5tczBE=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE1ODk2MTQ5LDUyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXV0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f07ad6f3b0a51d03ff00cb82aabc43fee1c7b5898c7846773e9405510bbd4ba4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8pQJpg2K7Sk/rREW8Cb+sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8pQJpg2K7Sk/rREW8Cb+sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-8pQJpg2K7Sk/rREW8Cb+sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8pQJpg2K7Sk/rREW8Cb+sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1739.003-3.012/ 587 KB
188 KB 39ms
39ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 630dd536ea421e99-AMS
date: Tue, 16 Mar 2021 12:02:29 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 17:54:06 GMT
server: cloudflare
age: 2706
etag: W/"92b3b-5bd325a6ca9aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08dc83965300001e99eb06b000000001
expires: Thu, 15 Apr 2021 11:17:23 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 44ms
29ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=entreterse.com.br

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 47ms
32ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=entreterse.com.br

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3FC 15 KB
1 KB 90ms
89ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&adk=1812271804&adf=3025194257&lmt=1615896149&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fentreterse.com.br%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615896149597&bpp=1&bdt=1345&idt=1&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250%2C970x250&nras=1&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=9&uci=a!9&fsb=1&dtd=9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c0ade2481689a803bc9391c4c5b890a4c230777ed7575dcd8964a5ded490126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&adk=1812271804&adf=3025194257&lmt=1615896149&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fentreterse.com.br%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615896149597&bpp=1&bdt=1345&idt=1&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250%2C970x250&nras=1&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=9&uci=a!9&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 12:02:29 GMT
server: cafe
content-length: 1172
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:29 GMT
cache-control: private

GET
H2 200 page.php Show response
www.facebook.com/v8.0/plugins/ Frame F099 165 KB
36 KB 109ms
109ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4194950fb56c6635ae416698dddfe72776f060467e91430f8a514a5d5db79bc7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: D+7rhsDmxQ11z8UXkjVkxjUsTyZTlDGO1u8llSUjX2/0vlFTeJkv//i1xyxw/a0zgoNnmh9Im8ojPn/3BVSERg==
date: Tue, 16 Mar 2021 12:02:29 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 705E 46 KB
14 KB 95ms
95ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fd6637b46f150e7aa0aa9f5ed6592832214a08cbb20b58a37cbdc433375089f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: ylXHLameLlDQ1TdZ9bkdm4A2uQca56vivS+yVJo7ZinfJNnuJhWyrDD8UwiSUPLHKxxoLSSHBPMtvXOf3SLymA==
date: Tue, 16 Mar 2021 12:02:29 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 67A3 34 KB
13 KB 67ms
67ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

544aa66a5972e51391b8029971f23bb0301421035dcc1cb6155409c5c2d3c764

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: BmX9ExRq2Wh1CivKDQESfLRLhaE4sZZncHY/Brwdba5zjbpzf/jYSTdwOL/mukeS1WeliDFBqXmkeLZue4o4Bw==
date: Tue, 16 Mar 2021 12:02:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 8B8E 18 KB
8 KB 69ms
69ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3bdd62b912d4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FS%25C3%25A9ries-Novidades-e-Resenhas-237370657149250%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1cfe6495d53350ed15c8f3d909a0ed8f3d426bf92feea94b59d07e01a65bda5c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3bdd62b912d4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FS%25C3%25A9ries-Novidades-e-Resenhas-237370657149250%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: VUuKR3Kp35b7SucSGrbFF9fOHqZmdEC77tQSqotWi1fRC2XgznPU9cFKbpcIP2DYGFJ/EINwhxZ+yj77OZ7rZA==
date: Tue, 16 Mar 2021 12:02:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 76B5 18 KB
8 KB 55ms
54ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f29f4a7bc448%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FLivros-Novidades-e-Resenhas-116030259804690%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce2a201672e787a6913e5914533e16534aa3d41c87352796ab0e675e34616fd9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f29f4a7bc448%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FLivros-Novidades-e-Resenhas-116030259804690%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 3zrCR/DhqYncJ1cnUPLATfXVcXiyR2SerVKna762iLjA6aL6qBQGawgWcKmwKpguMcYbGSF+k2KPMXJTTVsnCA==
date: Tue, 16 Mar 2021 12:02:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame A615 18 KB
8 KB 59ms
59ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27ad43e2f90774%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAnimes-Novidades-e-Resenhas-102980351118309%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bdade9f8c892891b39ca96aa96190dbb11406daa4e807c4f1edd5d7c4b26d16e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27ad43e2f90774%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAnimes-Novidades-e-Resenhas-102980351118309%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: iDycaR+EUUh3ps+Wmna2cyYk9RqWu6W0ywqYD9JcdzzE70Iu8cdt1ZT0A0CHBvJckjUD//cZ9gAVfIuBlQPVGw==
date: Tue, 16 Mar 2021 12:02:29 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 99A5 34 KB
13 KB 66ms
65ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=0d11873c9c7f89b96ae4b2804be786c2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50603c2b40927651c14bf0af4bc6fce0bbbcab38d0ba0c62a7424d9bba88b8c5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v8.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: WvmtTIAfisUjepNqRGLK8yHPlFvBLF8y9bKk4onCFsvdcUccebbdJmTgNj4NE2TWqm5fjg59PaQTiOiZ/3hqQw==
date: Tue, 16 Mar 2021 12:02:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 vx.js Show response
cdn.cazamba.com/dev/ 121 B
382 B 46ms
25ms Script
text/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cazamba.com/dev/vx.js?v=5
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5343c7a2c5c03d6beed4539f55e4e972871fc4aa35d279a62237960fd922ac96

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
last-modified: Mon, 07 May 2018 21:15:23 GMT
server: AmazonS3
x-amz-request-id: 10S8HCTEWY5RM5M9
etag: "7b77566780860d41288ac4120583f4cb"
x-hw: 1615896149.cds158.fr8.hn,1615896149.cds109.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache,no-transform,must-revalidate
content-length: 139
accept-ranges: bytes
x-amz-version-id: null
x-amz-id-2: NLTkaGWQdbithHlcJkEEUpeIp8ReHkyisxkX3eD0P3vMeaCgPTAoSyeQux8uxCIlsT4AJ/sIhoI=

GET
H2 200 vec.js Show response
cdn.cazamba.com/common/ 1 KB
772 B 46ms
25ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cazamba.com/common/vec.js
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cdd22e067545f77d4168806ab785103e5702b8976e5f77c5e811e4118f817a6

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 16:14:29 GMT
server: AmazonS3
x-amz-request-id: 06B3EBMKWYNSV15Z
etag: "ce7ecf48a3e2ed43c1dfa6cafec8d87f"
x-hw: 1615896149.cds158.fr8.hn,1615896149.cds138.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache,no-transform,must-revalidate
content-length: 522
accept-ranges: bytes
x-amz-version-id: OnhU4J9fP.kOF6YZfw9LuiFYySBmurSx
x-amz-id-2: 6XnuHVPUscMvbIzLqxI/sef/MWaRhyZbTtX809ATlu13XEJ7n9GYoLVpXgnBDIVntk2OKRBJKwk=

GET
H2 200 desktopFooter.min.js Show response
cdn.cazamba.com/adx/ 5 KB
2 KB 46ms
26ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cazamba.com/adx/desktopFooter.min.js
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ead5ff764075d6bc2632b073703798e0650a4ff1ac67a80835960b3455edb44

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 17:07:58 GMT
server: AmazonS3
x-amz-request-id: 266VG8XREY6N9AMG
etag: "551adcff3cb53f17ebf0d1e05004e298"
x-hw: 1615896149.cds158.fr8.hn,1615896149.cds218.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache,no-transform,must-revalidate
content-length: 2207
x-amz-meta-version-id: FNXi1ZCweVe4_NjxpKH2MP8pk.41j_Fl
accept-ranges: bytes
x-amz-version-id: ixS3_Ja8ehUm_9ig7xrYx0MEYejVrmHm
x-amz-id-2: CQUJzIqm/Cy0tsvT16UC+CVZN6YKIECeZXxMyw/HQ+KufDaCuKky2+yGQPRPSMEVVpyFh3vDy8k=

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame 0476 92 B
268 B 167ms
112ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
via: 1.1 google
cache-control: max-age=3600
alt-svc: clear
expires: Tue, 16 Mar 2021 13:02:29 GMT

GET
H2 200 3014.js Show response
go.trvdp.com/init/ 23 KB
23 KB 33ms
8ms Script
binary/octet-stream 2600:9000:211e:8400:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/3014.js?pid=2168
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=528&widget_id=3014&playlist_id=2168&m=a&cb=9672193235877510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93586803380d50e8036a5d4b6d5e190fa9ac41406cefedb69ef537ed831bf674

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 16:51:22 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:05:09 GMT
server: AmazonS3
age: 3179468
etag: "caa14c3682becc066031e33eafdeabe4"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: X-h6ZXRiGDV5XS2R4FqQ4LMekWvjZCtMfgzmrtFNjSKPuMEXmULBzg==

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 40ms
39ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 630dd5386e1d1e99-AMS
date: Tue, 16 Mar 2021 12:02:29 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 13932
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08dc83974500001e9941901000000001
expires: Thu, 15 Apr 2021 08:10:17 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 4E4F 9 KB
2 KB 222ms
221ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a824e9b79baed1ac8c3e8a31d9d2a0b3b57323fbc8243bf17ffc2249f466b3

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3276710&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=df15ab0d799ea6c0c54b9f8f0e16b4d851615896149; expires=Thu, 15-Apr-21 12:02:29 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08dc83975b00001e991b8a3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 630dd5389e6c1e99-AMS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
78 B 128ms
127ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3276710&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 630dd5389e7d1e99-AMS
content-length: 0
cf-request-id: 08dc83976000001e9946112000000001

POST
H2 204 result Show response
entreterse.com.br/cdn-cgi/bm/cv/ 0
638 B 23ms
23ms XHR
text/plain 104.21.68.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://entreterse.com.br/cdn-cgi/bm/cv/result?req_id=630dd52dcc1b4c6e
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.68.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nE97j1i6DNgnj8Uu1V0N6gQ%2FumXKzY0TL9Xj9EtAwntipfouHTTlqaxywSncpDrKbIsWnv3ORgqBzBgS7vX7PG0rdhj3oYfNlbANQC8bxhz%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 630dd538d8564c6e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dc83978400004c6ed00d9000000001

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.cazamba.com
URL: https://cdn.cazamba.com/adx/desktopFooter.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89369e639eda7a60df3cbec527bb2428794d81219de9f84c33e93ed814535316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 355 of 1000 / last-modified: 1615893033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:29 GMT

GET
H2 200 72a874cca306542af25f88900e42ba2c.js Show response
www.gstatic.com/mysidia/ Frame 7813 7 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/72a874cca306542af25f88900e42ba2c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=4029023989&adf=2055030453&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=3&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XVo4NifHtA&p=https%3A//entreterse.com.br&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3943403fa574f048b588642d8370339a02dce3a7ec8a578662ecbc885b48e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 07:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 448968
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Wed, 09 Jun 2021 07:19:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7813 3 KB
677 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 10:05:27 GMT
server: ESF
date: Tue, 16 Mar 2021 12:02:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:02:29 GMT

GET
H2 200 cOOKXP784iS.css
www.facebook.com/rsrc.php/v3/y5/l/0,cross/ Frame 76B5 18 KB
5 KB 6ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/cOOKXP784iS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f29f4a7bc448%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FLivros-Novidades-e-Resenhas-116030259804690%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04791844cc4d702f41e911731a837362697e09f32cd91d0e96edf7688c89fe25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f29f4a7bc448%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FLivros-Novidades-e-Resenhas-116030259804690%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Jb+nw0owjHZGjkxnCd1fTeaqgHCzeRGyoGH64o/7QBgu+7xOolfogSMe9NpHNQZnmD+nIesQJvzFck2879SCGw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Bh6d7L6oBwfeEBM2czaAeA==
date: Mon, 15 Mar 2021 17:32:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5288
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:32:19 GMT

GET
H3-Q050 200 3aa3fb99195f3894d7dec54cc5b479a1.js Show response
www.gstatic.com/mysidia/ Frame 7813 8 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 09:39:35 GMT
server: sffe
age: 592199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Mon, 07 Jun 2021 15:32:30 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 7813 2 KB
992 B 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:57:07 GMT

GET
H3-Q050 200 6248eab49cfd09ff78cd9d1acc91b01c.js Show response
www.gstatic.com/mysidia/ Frame 7813 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6248eab49cfd09ff78cd9d1acc91b01c.js?tag=analytics_pingback_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 64015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Sun, 13 Jun 2021 18:15:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 7813 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:59:09 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 7813 2 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:55 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7813 112 KB
34 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 7813 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:33 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 7813 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 485123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H2 200 cOOKXP784iS.css
www.facebook.com/rsrc.php/v3/y5/l/0,cross/ Frame A615 18 KB
5 KB 7ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/cOOKXP784iS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27ad43e2f90774%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAnimes-Novidades-e-Resenhas-102980351118309%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04791844cc4d702f41e911731a837362697e09f32cd91d0e96edf7688c89fe25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27ad43e2f90774%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAnimes-Novidades-e-Resenhas-102980351118309%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Jb+nw0owjHZGjkxnCd1fTeaqgHCzeRGyoGH64o/7QBgu+7xOolfogSMe9NpHNQZnmD+nIesQJvzFck2879SCGw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Bh6d7L6oBwfeEBM2czaAeA==
date: Mon, 15 Mar 2021 17:32:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5288
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:32:19 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 67A3 400 B
616 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: e6l2ON0srT6bv/3reeRfqwRfrkbxAuk/P1NaL9UP6vQw6jhC0dYy3eXbQWwWW5ST3YwrtQHcFZC/SMDDPenc5g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 02 Mar 2021 19:44:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 19:44:29 GMT

GET
H2 200 ZC424meY2W_.js Show response
www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ Frame 67A3 479 KB
124 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ZC424meY2W_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a363616fb2b7d8f0dd448d8fe288c9d3c27d9243c93b83b2b04517a7e84abeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: thX4bdTv6pvvo0ZZZZcR5w==
cross-origin-resource-policy: cross-origin
content-length: 126345
x-fb-rlafr: 0
x-fb-debug: 4xT27daNQXd7b64gTj9RVbLORsqN60sJZtZqLzHTH4katqdiuC9AR7u0xr399GseKmpsSFT5Wz6G65xz6ux2Bg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 03:39:02 GMT

GET
H2 200 cOOKXP784iS.css
www.facebook.com/rsrc.php/v3/y5/l/0,cross/ Frame 8B8E 18 KB
5 KB 12ms
9ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/cOOKXP784iS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3bdd62b912d4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FS%25C3%25A9ries-Novidades-e-Resenhas-237370657149250%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04791844cc4d702f41e911731a837362697e09f32cd91d0e96edf7688c89fe25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3bdd62b912d4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FS%25C3%25A9ries-Novidades-e-Resenhas-237370657149250%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Jb+nw0owjHZGjkxnCd1fTeaqgHCzeRGyoGH64o/7QBgu+7xOolfogSMe9NpHNQZnmD+nIesQJvzFck2879SCGw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Bh6d7L6oBwfeEBM2czaAeA==
date: Mon, 15 Mar 2021 17:32:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5288
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:32:19 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 99A5 400 B
540 B 9ms
8ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: e6l2ON0srT6bv/3reeRfqwRfrkbxAuk/P1NaL9UP6vQw6jhC0dYy3eXbQWwWW5ST3YwrtQHcFZC/SMDDPenc5g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 02 Mar 2021 19:44:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 19:44:29 GMT

GET
H2 200 ZC424meY2W_.js Show response
www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ Frame 99A5 479 KB
124 KB 7ms
7ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ZC424meY2W_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a363616fb2b7d8f0dd448d8fe288c9d3c27d9243c93b83b2b04517a7e84abeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: thX4bdTv6pvvo0ZZZZcR5w==
cross-origin-resource-policy: cross-origin
content-length: 126345
x-fb-rlafr: 0
x-fb-debug: 4xT27daNQXd7b64gTj9RVbLORsqN60sJZtZqLzHTH4katqdiuC9AR7u0xr399GseKmpsSFT5Wz6G65xz6ux2Bg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 03:39:02 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C4BC 3 KB
1016 B 43ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 12:01:43 GMT
server: ESF
date: Tue, 16 Mar 2021 12:02:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:02:29 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 705E 400 B
540 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: e6l2ON0srT6bv/3reeRfqwRfrkbxAuk/P1NaL9UP6vQw6jhC0dYy3eXbQWwWW5ST3YwrtQHcFZC/SMDDPenc5g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 02 Mar 2021 19:44:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 19:44:29 GMT

GET
H2 200 ZC424meY2W_.js Show response
www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ Frame 705E 479 KB
124 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/y_/l/pt_BR/ZC424meY2W_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a363616fb2b7d8f0dd448d8fe288c9d3c27d9243c93b83b2b04517a7e84abeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: thX4bdTv6pvvo0ZZZZcR5w==
cross-origin-resource-policy: cross-origin
content-length: 126345
x-fb-rlafr: 0
x-fb-debug: 4xT27daNQXd7b64gTj9RVbLORsqN60sJZtZqLzHTH4katqdiuC9AR7u0xr399GseKmpsSFT5Wz6G65xz6ux2Bg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 03:39:02 GMT

GET
H2 200 ZvNSQ6X6spi.css
www.facebook.com/rsrc.php/v3/yh/l/0,cross/ Frame F099 29 KB
8 KB 7ms
5ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ULaGxlH3Wo/Q8Qr6pfJmKvGcTSbr22hQRgfNwqXaKyJOyhJcfefzsEFCtj9xTjrofuGMQ3odUUy+k6U4uUZxBg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: lpNSdCsIKG1DvC+O6EGdUQ==
date: Mon, 15 Mar 2021 17:28:37 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8478
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:28:37 GMT

GET
H2 200 xnFbs6JXOeq.css
www.facebook.com/rsrc.php/v3/y7/l/0,cross/ Frame F099 34 KB
7 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y7/l/0,cross/xnFbs6JXOeq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

147c0a402198f091dde33543a076177882144c4c774605b57dff5a43c6d62f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Z/OId717EjRdSM7uRc38Lz8mSIfODWlq2W2/b0IqTG3FKXLfiyfnM1/Esb0N2TlomIKhTFHy1hQvHwE6Qel8+w==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: hC0niV3RaAalD7eVccD2SQ==
date: Mon, 15 Mar 2021 15:38:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6552
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 COFZ7ITuwSz.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame F099 268 KB
71 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: s2qPk4KHi+rzMXlawXrWKpK1FhqmIqZSjZEs6uC+fXzXOITTZKSs4+yxOE5XTdZ5hSMhM8JJZwjue7BKhif6Ug==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: RdaRlLRvra/nUVf/g2gp9w==
date: Mon, 15 Mar 2021 15:38:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72280
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame F099 65 KB
20 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: +CMN9ncsN5JNOFsd1uYNZgLtSykGtIJK9DSUMOQDF/r2NMLWfZRkpqYbIO+uuytUimrZg2s3uXsOSe7QtbZafw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Cfo2M49o9x+I1QtbBGCQ5w==
date: Mon, 15 Mar 2021 15:38:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20250
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iM-F4/yn/l/pt_BR/ Frame F099 122 KB
34 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/yn/l/pt_BR/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7deea224046ed78860f5244fa977c7b54c21f60f11cebba64cf8bc989d107d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KNUoOIgnCElbwcxpyYS3Tg==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
content-length: 34806
x-fb-rlafr: 0
x-fb-debug: 7TY38YKqb5zHCaXMPTH8d7D8B8mI/Ao7KRja7RT60noZUDex4o/D1ZcFpZ9rQH+9C/Q4Ir2uNIpmsFIzZkXAig==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 13 Mar 2022 03:31:06 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame F099 7 KB
2 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: eVW6d3n2p0DMLiabruQE2ErhwOmtZEw272AleFiDS0d0gppA/BiovexUXFmyDG94LRG1mneDJ0Yc+AAEMIld9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 EiHUEqLovtm.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame F099 43 KB
13 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/EiHUEqLovtm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48ea09f0084bdb3cb647bc0d36d9ac719094c005d049da95589de9f199425c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: M2gJZdIoC0LugzQ/JrXNqw==
cross-origin-resource-policy: cross-origin
content-length: 12714
x-fb-rlafr: 0
x-fb-debug: Em3T6+tXDHVtaAIh9qAGNEzS8P0PIaejJUqR5HDqhoJEoGCsPNSHMco8R9OWmz4vqXZrQNMORCyk+hK0NcDRhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 0We0FKCV5Na.js Show response
www.facebook.com/rsrc.php/v3/y2/r/ Frame F099 17 KB
6 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/0We0FKCV5Na.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

419ef23176640e73e6691597d88b3ccfd9f57d1ee983f319be1b179ba8fbc8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: TpbP4ABLiSUBsCUVaMNSkZ231DY0CJUvAKEF8esHU/H8AEqZ1L5QvNy1pQd/You4anY4tIK6Y1DKZJX4D1kxFQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: DrI/OWNfRZuZgxSxBCGbUg==
date: Mon, 15 Mar 2021 19:26:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5651
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 19:26:52 GMT

GET
H2 200 UdS7Amd3aXI.js Show response
www.facebook.com/rsrc.php/v3iL6L4/ys/l/pt_BR/ Frame F099 37 KB
10 KB 16ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iL6L4/ys/l/pt_BR/UdS7Amd3aXI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4d55b7c1d2eb3b11780a56183efbc330195917ee9df4911764f9960232696f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: H5HUoXxNB6hQ8WKumqQ1Z3QO32dafuDmzeUrFbb0a2Ks/hS00HQcXBrlWl/fKrTalzhJs/+t3dW3ePfLnCkuvg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: oz+EkpiMbd/PF1ED/UGcCA==
date: Fri, 12 Mar 2021 05:07:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9892
x-fb-rlafr: 0
expires: Sat, 12 Mar 2022 05:07:56 GMT

GET
H2 200 hkkaSyac7rx.js Show response
www.facebook.com/rsrc.php/v3/yn/r/ Frame F099 210 KB
59 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yn/r/hkkaSyac7rx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

657753c380b0c6dfd199ea48ed561777e27c27c439a99fa70c7cb8a2d3ec1ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DoSm2qfF7SfyppwXCzqLEw==
cross-origin-resource-policy: cross-origin
content-length: 60655
x-fb-rlafr: 0
x-fb-debug: hAXeOCrVpovznCxvwXNgJ+AT/Ez1aUV0h8d87V/nz/zgf4Vd4ywjDX6NDrdDkVPy6qNOlMiFgoJtXbcuztZjlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 jljN-YN4aVX.js Show response
www.facebook.com/rsrc.php/v3iD594/yU/l/pt_BR/ Frame F099 422 KB
101 KB 16ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iD594/yU/l/pt_BR/jljN-YN4aVX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1720896223132687cfb0bf6bd6f3e6b13b7c15ba7390c402ca6990ca30b18ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4tQLsthHprSpTdyNkwobKQ==
cross-origin-resource-policy: cross-origin
content-length: 103250
x-fb-rlafr: 0
x-fb-debug: ugBBPRgUXgmwdzYwY7Wc0uh8Z7lRzn840rBaNr/MomWIb9hfHPKKMUzcHXiaZ4wPCMbodjzTKEsItYXydHP2Zg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 17:40:51 GMT

GET
H2 200 3x4NEx9Q-Hz.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame F099 93 KB
26 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/3x4NEx9Q-Hz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfb57d656a1a3c24f06bcc0d687666b25942016f29ce9a623947101fd6bf0217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: TVLuNR4xcjOvXoRVlsONqXf0sF1Oh0Nt5JuMs0EGZTV3bpgonVvQIMdyKwaZlJET6SY3Aw+0Vlu7zahDws/rMQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 81WL3PF3pZhlzDsvyO5kkA==
date: Mon, 15 Mar 2021 15:38:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26058
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:31 GMT

GET
H2 200 QDRLvcgkKxi.js Show response
www.facebook.com/rsrc.php/v3/yQ/r/ Frame F099 22 KB
7 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/r/QDRLvcgkKxi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

226bbf35bac9e3adbf7f7556634aaad086a47887fa005d1de73c4c1a24a002c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: luDcqrNOnuAr7WYNTimWA5VNg+6SM9cgZGzy32HdUm+G+JF09Mkncn2n8N9+d3Koiv4MPtl16BtEHRhXlmLpOA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8Tf90AKysXqAr+/v2BGuvQ==
date: Mon, 15 Mar 2021 15:38:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7133
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 qX_t6Y8gkvF.js Show response
www.facebook.com/rsrc.php/v3/yT/r/ Frame F099 358 B
463 B 20ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/qX_t6Y8gkvF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

099a4a1f4e2f8fbb63a0b1dd8273db46cca72083c32234e88be13c4793769cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: shpXRsLAzNF1E9O6Xoorc/HBRRxeKQUTvRpRpqdG+9Y0eTiYP3yexMsM4ZVJxYQSPZ2VPQwTgHMATUeNpApF3w==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +6heSlxZ+Qw5/32wt6gaBQ==
date: Mon, 15 Mar 2021 16:29:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 249
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 16:29:38 GMT

GET
H2 200 dKiezS2KKo_.js Show response
www.facebook.com/rsrc.php/v3/yV/r/ Frame F099 257 KB
58 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/r/dKiezS2KKo_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b590c0d4585627720a7d31ca5de41aa2fdfcdbbd60920283b6187f6055fc9c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 11:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MzFpzYLGcQ8wit1R80Q7zA==
cross-origin-resource-policy: cross-origin
content-length: 59068
x-fb-rlafr: 0
x-fb-debug: a2ukH6s4NmEs6jlsT1lSRIgKQS//FwzCTjiDLLqX1xtZLh7BciOR54hGWK+58RHqPJStPkhGRzaKylvcceV28g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 12 Mar 2022 11:35:35 GMT

GET
H2 200 Y7QEzKDygMk.js Show response
www.facebook.com/rsrc.php/v3iUX_4/y8/l/pt_BR/ Frame F099 27 KB
8 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUX_4/y8/l/pt_BR/Y7QEzKDygMk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f3d1bf7713f2fa9c735e205cbca2aec4aeab6539159a149edf96c655429c4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 00:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Y14/aJBDc3fh0UkQnIpiog==
cross-origin-resource-policy: cross-origin
content-length: 7547
x-fb-rlafr: 0
x-fb-debug: Yp9J0oFEVeUZMAt3VlzeHqnwyronAorBrvz99F/gkQvzmKyBoaWPBhPpH2pXfNAA+BDRRFRB0HQ+7XhknTLbsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Mar 2022 00:11:14 GMT

GET
H2 200 8lEos4dxMMq.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame F099 22 KB
8 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/8lEos4dxMMq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ef6ed451f5d0b3aeffe0447a6f2c8806902e3200cf4bb289d9a03eebffa7db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: MwpkwBPJl+ZLJSUQo2VvfiDkrCit2Un3nHvueL76Av0QuRqWnTOvjOoURszj+PVACUQdALaHssLySed6Z/aTlg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: cOQq/EfZ/K+CGM3fcFUlsg==
date: Mon, 15 Mar 2021 17:29:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7636
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:29:18 GMT

GET
H2 200 85179662_3574874309251598_6862295597890666496_o.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s350x350/ Frame F099 5 KB
5 KB 20ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s350x350/85179662_3574874309251598_6862295597890666496_o.jpg?_nc_cat=108&ccb=1-3&_nc_sid=dd9801&_nc_ohc=7EkulSyPDKkAX9l1plj&_nc_ht=scontent-frt3-1.xx&tp=7&oh=2f1067c25be51709e15ecbdce01c317d&oe=6074CFD7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b781b314e0d668857badb3100a4026984a45ba3a554020b71acb0cd317b68511

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 829688997
date: Tue, 16 Mar 2021 12:02:30 GMT
x-fb-trip-id: 686109401
last-modified: Sun, 01 Mar 2020 04:40:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 172661965
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4705

GET
H2 200 69611444_2982772338461801_388016957657448448_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame F099 2 KB
2 KB 8ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/69611444_2982772338461801_388016957657448448_o.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=Y6dN_lqNAnMAX-1wOEA&_nc_ht=scontent-frx5-1.xx&tp=27&oh=5da976f701dc2a4fbbc84d9a2244d812&oe=6077BEFC
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 99da222a409dec8747d44bfc1e81d9d2f03d9e3ca0b91b6fe29fed5144856eab

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3945322856
date: Tue, 16 Mar 2021 12:02:30 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 27 Aug 2019 00:11:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 578449443
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1902

GET
H3-Q050 200 bgl_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame C4BC 5 KB
3 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/bgl_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da282b76aa8d03c16cd3bf920f56c7a0a69886a7425f96b1fe35b33b68548916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2554
x-xss-protection: 0
server: cafe
etag: 8603738690663691921
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:09:18 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C4BC 2 KB
924 B 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:57:07 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame C4BC 17 KB
7 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:59:09 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C4BC 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:55 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4BC 112 KB
34 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C4BC 13 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:33 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame C4BC 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 485123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12697511707841691591/ Frame 7813 35 KB
35 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12697511707841691591/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5e32b4b10e4fddf5105ac8bee3f993ffe8896d1361abbfcd90efe7e17b36c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 11:13:51 GMT
x-content-type-options: nosniff
age: 262119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36162
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 10:41:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 11:13:51 GMT

GET
DATA 200
OK truncated
/ Frame 7813 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 12 KB
6 KB 163ms
118ms XHR
application/json 13.32.21.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=528&wid=3014&cb=5985.846388362208&pid=2168&url=https%3A%2F%2Fentreterse.com.br%2F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3014.js?pid=2168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 15b2757b817bcc9b6ae82a0a86adcce5347cb7f6f18eb39b935690fd87bea2f7

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://entreterse.com.br
access-control-allow-credentials: true
x-amz-cf-id: B_YYPPx_kJ_tYAKyUAsHIpMTt2neeGX0bvsTH3iaGU8N3fHdwf9meA==
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7813 0
0 70ms
57ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC6i1VZ5QYOHzFdCv7_UP3ZOO6AXHtYDfX9_9iYiVC8CNtwEQASCegeEfYJWKuILIB6ABi93h4APIAQmpAgQ-TmXQArQ-qAMByAPLBKoE5wFP0JZUHnBnY2rIV4zOyVa7LIMPXTu5b0kzjYTa8ctL1uWlH6b1tHYNQn9bg_ktMIxFz2AatNYfRandN2EAFu9H70UaeQLubPdIl04Up5r_TLgs6WuPcugTb-J1vdcz8cuRAllNAMZCI0Y5CghUEBrED0RTdL_2y2bKU9GRVKpvIH7tA321vql6sU9mbm3mR4csYkA3cWUZn-g1tvcH5Q8UnJvVLrCmZFs-ApEaJxnBiAFW1-oOSr-LZzklRDQ3WJaeAWUhCPH8Ikq22e-409HwQwH7EEdSad9T-tQt_PGgf_owF677_hLABOy7gZWDA5IFBAgEGAGSBQQIBRgEoAYugAfdop4fqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENiODtIICQiA4YBwEAEYH4AKAcgLAdgTDIgUBLIXGgoYCAASFHB1Yi02NTE0NzA1OTAyMDMxMzA0&sigh=SKtqBl94b8U&template_id=5000&tpd=AGWhJmtcCUkVaa_CwFUVxuo3jIEWrR484HulipOM1E3HhyrWEg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=4029023989&adf=2055030453&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=3&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XVo4NifHtA&p=https%3A//entreterse.com.br&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Mar 2021 12:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
DATA 200
OK truncated
/ Frame 7813 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d800d5c79552c73df4d90634a3b5a547208411726dec6bf3f7298f84b66213e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl_2021031501.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 89ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 08:44:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102037
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame F099 573 B
785 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: fJjd4Q8/UE5ma3gT9h3lhkUzkREWvcEUy8hUiA02KHz5POt5BYI7SZBZGQ5Vsjj89R/6g42InoqCTB5Wxy6QVQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Tue, 09 Mar 2021 23:56:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 23:56:02 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame F099 1 KB
1 KB 73ms
72ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1287027334702985&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iM-F4/yn/l/pt_BR/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95ed93ccd83965265ccefd18826e8c5e982913e426ec66f17ae51b536f321c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: esf/1ygsVEsCZwA5Kkb7F36b/eYCkFiZszQeqzWDuQaLq68Eb2jDHKYWW0fqM0ZaS3toGTwvgEVR1SXpCJf4bA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Mar 2021 12:02:30 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame F099 18 KB
6 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JxklXWIUFJ/V53r1B155cg==
cross-origin-resource-policy: cross-origin
content-length: 5952
x-fb-rlafr: 0
x-fb-debug: 9fDMYMvvJHDDEozDWchbyZU9xz+MxxxYd19SZp1QEOPatv+5keQGQQVPLjqdicRpEKxlIlYVM7zv0EHl6hNtsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 14 Mar 2022 14:38:41 GMT

GET
H2 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame F099 7 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

587b234b1819edd56fb28552f715b8d1c367a1dd28829d07c3678229c96e650b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: dIfYhFhtzEHpN6A/fXE/KBvAll41VlNAa/GF/nDw0XQ57FqLaSvHxostsoJSHpV2VEuvpkDQ9uHEbRBST56j8A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 7V1kQCLTl32/i6kpb5a/eQ==
date: Mon, 15 Mar 2021 15:38:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2267
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:34 GMT

GET
H2 200 4VcZZtut9kw.js Show response
www.facebook.com/rsrc.php/v3/yV/r/ Frame F099 142 KB
31 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/r/4VcZZtut9kw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0e191a69ed050749395ad51b641f4877cb9e6a1013a97d7d34759dea223f350

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3604fb1ec58bb8%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fentreterse%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: NCbuSilHuy6Jf0bQD1KdbCXxpSspChTKgZKTrqVIwSFScBw7yAkBvvJiMzAg1gQoy9U3kYIcG4TmsQOHJnopQA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KD6no+B5B6f6x1/okLTImw==
date: Mon, 15 Mar 2021 15:38:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31758
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:39 GMT

GET
H2 200 nuSZvOPs-lg.png
www.facebook.com/rsrc.php/v3/yv/r/ Frame F099 12 KB
12 KB 9ms
8ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/nuSZvOPs-lg.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y7/l/0,cross/xnFbs6JXOeq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y7/l/0,cross/xnFbs6JXOeq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: dVHk8CxcrLw4MBiWhPuu943MdMiWdWgwajJrx18gB1SSD2tVDsYoG6OFKwAKyqBO2XkL1wsYo7BBwYYlLS8xoA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +tH9SoPO1ugg3HR9LK4liQ==
date: Mon, 15 Mar 2021 15:38:37 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11870
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 15:38:37 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13895754830884210497/ Frame C4BC 40 KB
40 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13895754830884210497/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00175020b2597629e1410b91c3c56fbe02d558817d16cbd5c44cbb22b2ccfaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:16:45 GMT
x-content-type-options: nosniff
age: 481545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40611
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 11:49:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 22:16:45 GMT

GET
DATA 200
OK truncated
/ Frame C4BC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.632/ 253 KB
68 KB 54ms
7ms Script
application/javascript 2600:9000:206f:8200:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.632/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3014.js?pid=2168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d94dd88cb98c7e6ad5d69558cb42f48d615f38563a1616753e5389280a57c22b

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 14:01:45 GMT
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:05:00 GMT
server: AmazonS3
age: 1288846
etag: W/"3ea538b03bf0f32c43e9a31dc494bcfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: q-gMMMpWh7hQksry3lLiJ46nNYlwF8B0iUwA2gydzTA5fmpfUZmtsA==

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7813 0
121 B 38ms
38ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGYmFubmVyCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoHCAYqAzIwMAoNEAMhAAB4E656iUAwBAoNEAohAAAAfKNwCkAwBAoNEA0hAAAAADy5jj8wBAoNEB4qBzk3MHgyNTAwBAoNEBkqBzk3MHgyNTAwBAoNEA4hAAAAAEi3jj8wBAoNEBAhAAAAAMBW2EAwBAoNEBEhAAAAAIBdykAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAACEAwBAoNEAQhAACo4HqciUAwBAoNEA8hAAAAADB6hD8wBAoNEBQhAAAAAACwy0AwBAoNEBUhAAAAAAAAHEAwBAoNEBYhAAAAAAAAEEAwBAoNEAUhAABQMzOeiUAwBAoNEBchAACgeRQXj0AwBBIaQ0tIeTU1X2l0TzhDRmREWHV3Z2QzWWtEWFEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4BC 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0fLXVZ5QYLDJFo3D7_UPkYSZUOSjm-lhntTukKUNhLL-_9MPEAEgnoHhH2CViriCyAegAaGV8u0CyAEJqQIEPk5l0AK0PqgDAcgDywSqBN0BT9D6EJ87qAyUNWFfq0Gzm4z2bmFf2F3hylvGpXlnQ-LVy4Ne8Nx5zg26BkFjC6HFiOGU6EQpZkj2AybavE88or4L_4U1eciyl4fmDHwoqhHVji50pvJO5CxZwNy7vWHq-whzyP3huS3GzfRaBPdGij6fa8ivVJOKsPby7mp1w4uGY3Fsq2VMwU6HTOIbDa7XVtABIfixCEKUM2utJiJkYpwbdXUX_0jTH0epEYarNKMkWcQ32fUOiUshObckJEjSGBCHv8LbRPen4ZTQ_xY_j1Su5fC2IchlOyEz8WPABOPns865A5IFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBClzBPSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItNjUxNDcwNTkwMjAzMTMwNA&sigh=rbcXk9O6XR8&template_id=5000&tpd=AGWhJmuQx2EqsXHR8-65xQ_7-1O4yyExX__BOOV0L57LICWgtA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Mar 2021 12:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 67A3 67 B
761 B 35ms
35ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615896149917&t_start=1615896149918&t_domcontent=1615896149959&t_layout=1615896150594&t_onload=1615896150594&t_paint=1615896150594&t_creport=1615896150594&t_tti=1615896149959&lid=6940221114592613191-0

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f36f182d3fa4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FCinemaFilmes-Novidades-e-Resenhas-1745469165579368%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bP/r9WSx3NDkLQB93Os6YnO1f93SomRf+UGPxtY1+ahWuPRqpKhwwbOO9xpc38l0kk6nbWcDNRYhZr5u7+nodw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 16 Mar 2021 12:02:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 99A5 67 B
200 B 36ms
35ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615896149924&t_start=1615896149924&t_domcontent=1615896149964&t_layout=1615896150595&t_onload=1615896150595&t_paint=1615896150595&t_creport=1615896150595&t_tti=1615896149964&lid=6940221114473395827-0

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df278f9534878bc4%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FAmazon-Prime-Video-Novidades-e-Resenhas-103513391432168&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: hrk70zkw5aPimcS0U6+Hs/DHDoeNlYYKc+5+flsr4nopUf6+8k/DSiM5b94v+lJMb6XPREZ9MqImYbZ/jWMJXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 16 Mar 2021 12:02:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 1 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

864f07324497a89f376a7bee9a0d3647a45f1ac66df2003c9e41e5723c3968ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11872115851184484808/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 693
date: Mon, 15 Mar 2021 07:34:05 GMT
expires: Tue, 15 Mar 2022 07:34:05 GMT
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 102505
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0D81 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVgcpVZ5QYO_OFZPG7_UP_rS66AW4y_XZYaDdt6vUDYv89OvNIhABIJ6B4R9glYq4gsgHoAHv_9_hAsgBCakC_78MCmtAtz6oAwHIA0iqBN8BT9BkdPjIQxe4iihgKBamq-mnpqQidl7OaMya-EL4xUwM3x6t8dMZzKA2Ql1E6vBILPVszDOXMBUS0l9BEnMnLUfmlD5IeoWK5EH-zAGiIbk_uOG0Avi2gKiSAsyeasfqe-t1DfKQJj6BWoBtndvMDpVniIDEP_UlywBItSG6NMVxlInRiF64kTuHimnzUojpMDEHUUfnzJPnLlJ4ol30O27f5phLzUp6szzFVjxZVzctRW3WSRfwXEboEqiPHZ1vkCNa2rUBOYEG-BFci2T0QHP-NwFWYl02VOwUPBYiZ8AE_u_UwLQDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_n_n54BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIDFBtIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02NTE0NzA1OTAyMDMxMzA0&sigh=Co8MxgIlXJ4&template_id=419&tpd=AGWhJmvzJ5ptd5cXnSZNEPqH-NvZKG86pGcKfx_YiBJ1ZH9H4Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Mar 2021 12:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7813 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 468250
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 11 Mar 2022 01:58:20 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7813 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 483607
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:23 GMT

GET
DATA 200
OK truncated
/ Frame C4BC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77213ff0ddc3c2529fff97807f539686994122cbb0c28498e8186e512b3977b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 0D81 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:59:09 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 0D81 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D81 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 0D81 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:33 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2F10
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

281 B
554 B

77ms
25ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Mar 2021 12:02:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date: Tue, 16 Mar 2021 12:02:30 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 / Show response
de.tynt.com/deb/ Frame 1B2C 75 B
289 B 343ms
113ms Document
text/html 208.100.17.187
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Wed, 17 Mar 2021 12:02:26 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 16 Mar 2021 12:02:26 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

2 KB
3 KB

70ms
69ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37e6887b4941fcbfe6db6ac58fe292b35856af477d54e24870656d7931a6f71e

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YFCeVqYApMjvaIJInUCePQAA; CMPS=1132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|39|241|4|13|90|65
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1772
Expires: Tue, 16 Mar 2021 12:02:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
Connection: keep-alive
Set-Cookie: CMID=YFCeVqYApMjvaIJInUCePQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Mar 2022 12:02:30 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 12:02:30 GMT CMPRO=1118;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 12:02:30 GMT CMST=YFCeVmBQnlYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Mar 2021 12:02:30 GMT CMRUM3=5a60509e5605a0&2d60509e5605a0&0d60509e5605a0&e660509e5627600&0460509e5605a0&f160509e5605a00&2760509e560b40&4160509e5605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Mar 2022 12:02:30 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 16 Mar 2021 12:02:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
Connection: keep-alive
Set-Cookie: CMID=YFCeVqYApMjvaIJInUCePQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Mar 2022 12:02:30 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 12:02:30 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8DDC 2 KB
818 B 70ms
23ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=4969976837644932607

35 B
237 B

190ms
189ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=4969976837644932607
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd53eedd41e99-AMS
content-length: 35
cf-request-id: 08dc839b5400001e9946905000000001
expires: Mon, 16 Mar 2020 12:02:30 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: b00c1c9d-33a3-491f-9c07-91a9c4ea70fb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=4969976837644932607
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6057422261
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6057422261
https://sync.1rx.io/usersync/tradedesk/dc007b7b-525c-4815-8501-ee01bacb727e
https://sync.targeting.unrulymedia.com/csync/RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003

35 B
258 B

238ms
237ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd542df121e99-AMS
content-length: 35
cf-request-id: 08dc839dcc00001e99103b2000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

Redirect headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: Tengine
ETag: RXf5b5d0f944074837a49bb68b399cb4c9003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-f5b5d0f9-4407-4837-a49b-b68b399cb4c9-003
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4E4F 0
72 B 354ms
115ms Image
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip178.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 2000208
date: Tue, 16 Mar 2021 12:02:25 GMT
server: 33XP004

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
389 B

129ms
128ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd54038c51e99-AMS
content-length: 35
cf-request-id: 08dc839c2800001e99cf186000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 4E4F 0
478 B 83ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 4E4F
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fentreterse.com.br%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fentreterse.com.br%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fentreterse.com.br%2F&pid=12306&adnxs_uid=4969976837644932607

95 B
945 B

236ms
35ms

Image
image/png

52.19.239.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fentreterse.com.br%2F&pid=12306&adnxs_uid=4969976837644932607

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.239.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-239-39.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 16 Mar 2021 12:02:31 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 16 Mar 2021 12:02:31 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid: 2ab49700-c768-4dcc-b16f-206f93601ed5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fentreterse.com.br%2F&pid=12306&adnxs_uid=4969976837644932607
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 4E4F 42 B
233 B 269ms
87ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:30 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c123be1-864f-11eb-8589-02396ffc09cc
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c123be1-864f-11eb-8589-02396ffc09cc&verify=true
https://router.infolinks.com/dyn/outh-usync?uid=y-2A62sWlE2uEyHgqfeb5CUSTcguWux5xz~A~UP7c123be1-864f-11eb-8589-02396ffc09cc

35 B
260 B

126ms
125ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-2A62sWlE2uEyHgqfeb5CUSTcguWux5xz~A~UP7c123be1-864f-11eb-8589-02396ffc09cc
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd541bc3d1e99-AMS
content-length: 35
cf-request-id: 08dc839d1600001e99daba4000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

Redirect headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-2A62sWlE2uEyHgqfeb5CUSTcguWux5xz~A~UP7c123be1-864f-11eb-8589-02396ffc09cc
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=46331cfe0fa39a00d93a6d11

35 B
394 B

129ms
128ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=46331cfe0fa39a00d93a6d11
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd53eedd21e99-AMS
content-length: 35
cf-request-id: 08dc839b5400001e99cf8b1000000001
expires: Mon, 16 Mar 2020 12:02:30 GMT

Redirect headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=46331cfe0fa39a00d93a6d11
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUEzQzYxQjItQTI1Ri00MjJELTkxRjgtOTM1OTA5MUFFMDhE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D5423F848-686F-4113-9015-58CAB8F2AEB4
https://router.infolinks.com/dyn/pbm-usync?uid=5423F848-686F-4113-9015-58CAB8F2AEB4

0
213 B

126ms
125ms

Image
text/html

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=5423F848-686F-4113-9015-58CAB8F2AEB4
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 630dd547ea431e99-AMS
content-length: 0
cf-request-id: 08dc83a0f500001e9946993000000001
expires: Mon, 16 Mar 2020 12:02:32 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=5423F848-686F-4113-9015-58CAB8F2AEB4
Date: Tue, 16 Mar 2021 12:02:29 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ImgSync
image8.pubmatic.com/AdServer/ Frame 4E4F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyM0Y4NDgtNjg2Ri00MTEzLTkwMTUtNThDQUI4RjJBRUI0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
75 B

19ms
18ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:29 GMT
Content-Length: 0

Redirect headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
X-lat: lhrpug018:0:423
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H2

200

bizzc-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550

35 B
248 B

129ms
129ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd54758fc1e99-AMS
content-length: 35
cf-request-id: 08dc83a09500001e99461f5000000001
expires: Mon, 16 Mar 2020 12:02:32 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 4E4F 0
176 B 170ms
168ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 630dd53fbf9d1e99-AMS
content-length: 0
cf-request-id: 08dc839bd900001e991aaf5000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1871597493480780176

35 B
411 B

163ms
162ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1871597493480780176
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd546bf7a1e99-AMS
content-length: 35
cf-request-id: 08dc83a03100001e99ec8fc000000001
expires: Mon, 16 Mar 2020 12:02:32 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1871597493480780176
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sx-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7c50481a-864f-11eb-95c5-1a404fd53c06
https://router.infolinks.com/dyn/sx-usync?uid=7c5047a9-864f-11eb-95c5-1a404fd53c06

35 B
225 B

128ms
127ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sx-usync?uid=7c5047a9-864f-11eb-95c5-1a404fd53c06
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd540faa61e99-AMS
content-length: 35
cf-request-id: 08dc839c9c00001e99d333a000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

Redirect headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sx-usync?uid=7c5047a9-864f-11eb-95c5-1a404fd53c06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 4E4F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-G9wzAZ9E2uG6DMhQ6.gaaRva0tKMo2ZaJ6rj9gY-~A

35 B
253 B

128ms
128ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-G9wzAZ9E2uG6DMhQ6.gaaRva0tKMo2ZaJ6rj9gY-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd5422d7f1e99-AMS
content-length: 35
cf-request-id: 08dc839d5c00001e99d00fa000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

Redirect headers

Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-G9wzAZ9E2uG6DMhQ6.gaaRva0tKMo2ZaJ6rj9gY-~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 705E 67 B
200 B 46ms
46ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615896149954&t_start=1615896149954&t_domcontent=1615896150065&t_layout=1615896150643&t_onload=1615896150643&t_paint=1615896150643&t_creport=1615896150643&t_tti=1615896150065&lid=6940221113930186041-0

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=547244872664295&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbffeb79586ac%26domain%3Dentreterse.com.br%26origin%3Dhttps%253A%252F%252Fentreterse.com.br%252Ff484fee5850f5%26relation%3Dparent.parent&container_width=303&href=https%3A%2F%2Fwww.facebook.com%2FNetflixNovidadeseResenhas&layout=button_count&locale=pt_BR&sdk=joey&share=false&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: sJk/rg/La2UR33xZNuhRfqIC0fANwtIMgslBXOJNYfxGGDYEuvfRAFzmH4jBQEmn5VohTmrsmCwmYpwCQbaMpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 16 Mar 2021 12:02:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=entreterse.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=entreterse.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
28 KB 344ms
343ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=153772877588875&correlator=15774982187799&output=ldjh&impl=fif&eid=31060437%2C31060465%2C31060367&vrg=2021031501&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=17279704961%2CDisplay%2CFooter_Desktop_B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1615896150&dt=1615896150697&dlt=1615896148252&idt=2425&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=1750512548&ucis=1&ifi=10&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fentreterse.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=false&fws=516&ohw=728&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

489157bd9ead1e5206ac2a5259c5854d7a19e46fedf2777bc554c69713b7da9c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIOmvKDitO8CFS3quwgdDXcDYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12155640719224865621/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIOmvKDitO8CFS3quwgdDXcDYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12155640719224865621/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27966
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 16 Mar 2021 12:02:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://entreterse.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame C5A3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 163931
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C8F 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 16 Mar 2021 11:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0D81 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62d613c90a4ba1de3b690581dab0d1730880e96e432f7a638bbc6f19fc0ab93

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
726 B 482ms
124ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=entreterse.com.br&l1=3014&l2=entreterse.com.br&l3=BE&l4=desktop&cb=0.25887522464941926
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.632/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:31 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://entreterse.com.br
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame C4BC 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 468250
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 11 Mar 2022 01:58:20 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame C4BC 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 483607
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:23 GMT

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 12A9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=250&slotname=2032392315&adk=994746009&adf=3551575409&pi=t.ma~as.2032392315&w=970&lmt=1615896149&psa=0&format=970x250&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=2&bdt=963&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x250%2C250x250&correlator=2765605921575&frm=20&pv=1&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yAQR8PULzU&p=https%3A//entreterse.com.br&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 163931
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7281 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7281 22 KB
9 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:41:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7281 1 KB
557 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 11:58:10 GMT
server: ESF
date: Tue, 16 Mar 2021 12:02:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H3-Q050 200 styles.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 2 KB
3 KB 9ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/styles.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aee1dd05373c429c7496480383122127cf62f46321353aad73ec27d8e9b031f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 102505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Mon, 15 Mar 2021 07:34:05 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:34:05 GMT

GET
H2 200 gsap_3.1.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7281 56 KB
23 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22938
x-xss-protection: 0
last-modified: Fri, 24 Jan 2020 21:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:02:30 GMT

GET
H3-Q050 200 img_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/img_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fda35ec6557d254c6bf9810302f7c36aa82195e1a864034eb067312ae7f2f2f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 104121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18755
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Mon, 15 Mar 2021 07:07:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:07:09 GMT

GET
H3-Q050 200 script.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 23 KB
8 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/script.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13a28944d5d9410ecdd8c3a96c9cded1b0b00e6ff711bc0c43968f9848547a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 505406
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7762
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 15:39:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:39:04 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7813 0
111 B 40ms
39ms Other
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGYmFubmVyCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoHCAYqAzIwMAoNEBghAADoZWaRlEAwBBIaQ0tIeTU1X2l0TzhDRmREWHV3Z2QzWWtEWFEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F10 31 KB
10 KB 29ms
29ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:02:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12380
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Tue, 16 Mar 2021 15:28:50 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFCeVqYApMjvaIJInUCePQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMLh5dZmQ1_sQQUD-FJjcU&google_cver=1

43 B
1 KB

69ms
64ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMLh5dZmQ1_sQQUD-FJjcU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:32 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMLh5dZmQ1_sQQUD-FJjcU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFCeVqYApMjvaIJInUCePQAABF4AAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEFaDHAA7I0zSPxXKRb7e30&google_cver=1

43 B
315 B

50ms
49ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEFaDHAA7I0zSPxXKRb7e30&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEFaDHAA7I0zSPxXKRb7e30&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9185 70 B
264 B 37ms
33ms Image
image/gif 54.228.114.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_user_id=YFCeVqYApMjvaIJInUCePQAA&cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.114.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9185
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB&dcc=t

43 B
720 B

131ms
130ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFCeVqYApMjvaIJInUCePQAABF4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4136079386408712909

43 B
1 KB

1090ms
44ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4136079386408712909
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:32 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4136079386408712909
pragma: no-cache
date: Tue, 16 Mar 2021 12:02:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ff220427ce5dd431cb1957&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

60ms
60ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ff220427ce5dd431cb1957&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:32 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ff220427ce5dd431cb1957&expiration=[EXPIRATION]&gdpr=1
Date: Tue, 16 Mar 2021 12:02:32 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9185
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB8DFD3F3C6541F195F51FD43059664E&gdpr=1

43 B
1 KB

1111ms
46ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB8DFD3F3C6541F195F51FD43059664E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:32 GMT

Redirect headers

date: Tue, 16 Mar 2021 12:02:31 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB8DFD3F3C6541F195F51FD43059664E&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 15 Mar 2021 12:02:31 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 9185
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1615982551&gdpr=1

43 B
315 B

355ms
43ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1615982551&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 12:02:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 16 Mar 2021 12:02:31 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1615982551&gdpr=1
pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 9185 35 B
352 B 159ms
158ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YFCeVqYApMjvaIJInUCePQAA%261118
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 630dd53fbf7e1e99-AMS
content-length: 35
cf-request-id: 08dc839bcf00001e99ff3d6000000001
expires: Mon, 16 Mar 2020 12:02:31 GMT

GET
H3-Q050 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 10 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/cta.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d96980eb407ff39af6ea9783c89f5921056b01c239b62d65da192235b71d60f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 102506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3053
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Mon, 15 Mar 2021 07:34:05 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:34:05 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/ Frame 7281 11 KB
5 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cd99609132a394472945df81c97f687e3da5e9338d93a8c4d767f147c5b84b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11872115851184484808/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 505407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3718
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 15:39:04 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:39:04 GMT

GET
H3-Q050 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 7281 20 KB
20 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 483604
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20676
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:27 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

40ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6514705902031304&output=html&h=90&slotname=5395550032&adk=3022716292&adf=2145328088&pi=t.ma~as.5395550032&w=728&lmt=1615896149&psa=0&format=728x90&url=https%3A%2F%2Fentreterse.com.br%2F&flash=0&wgl=1&dt=1615896149214&bpp=5&bdt=962&idt=-M&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2765605921575&frm=20&pv=2&ga_vid=1395941363.1615896149&ga_sid=1615896149&ga_hid=127252615&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068084%2C31060352%2C44737458&oid=3&pvsid=153772877588875&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3uA42XuNBh&p=https%3A//entreterse.com.br&dtd=121

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldnM30mAt8L3KPQ_6a-CIKPHaf1bK1JvMYqcIs7WICZLq_bKYQTvtPdfDxwoA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Mar 2021 12:02:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 16-Mar-2021 13:02:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Mar 2021 12:02:31 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0ED5 6 KB
3 KB 28ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Mar 2021 12:02:30 GMT
expires: Wed, 16 Mar 2022 12:02:30 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tp Show response
px.cazamba.com/ 31 B
589 B 596ms
140ms Script
application/javascript 34.197.150.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.cazamba.com/tp?t=SO9w7lm46ZlfnQzbXbQJWnqnDW0qrUfoyhMS0ssR91fa3pmX17BCSYouR6Vf%2FsYMcRemV0RVeGG4YzQtZ%2BUjqWzIahyWXCFU1JYJRzawJmuX7JQrxwslQqTUEOuDFoReYne6oRY%3D&tp=print&g=1615896154&nvg=&type=js
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/5.3.29
Resource Hash: 12c7cf50f3c9644548c159995989043c52d2a525229637c499b511e090602d43

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:31 GMT
server: nginx/1.18.0
x-powered-by: PHP/5.3.29
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 tpa
px.cazamba.com/ 35 B
586 B 573ms
118ms Image
image/gif 34.197.150.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.cazamba.com/tpa?a=10294&b=1719&c=print&g=1615896155
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/5.3.29
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:31 GMT
server: nginx/1.18.0
x-powered-by: PHP/5.3.29
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 829 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91f70c3d4de12fb759a0f2da69d78342d50484a4c501a87a56f9273bb14fcb35

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2F10 284 B
536 B 102ms
27ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3276710&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/ Frame 43C3 12 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Requested by

Host: entreterse.com.br
URL: https://entreterse.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e32531923f49e423051dc689482662c31baf6ccc3b6bc582113afd7cebe0547

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12155640719224865621/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3318
date: Mon, 15 Mar 2021 19:13:10 GMT
expires: Tue, 15 Mar 2022 19:13:10 GMT
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 60561
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0ED5 0
0 103ms
72ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjIzZVp5QYIOjLa3U7_UPje6NgAaXn9GXYdH464yvDa4CEAEg0cvsOWC5-MeA3AGgAdDGo-EDyAEJqQKekRoK24F_PuACAKgDAcgDCKoE9AFP0A3VrXV2O9Q7e622y0CnnwyzAsxDm7libnL1FQe4J8FxnNwtu1sf7PXVa_HUD1pEGie2sKNCKVeupuXlBPSAvdoDCWP84Kepab5bWrPMebTSFQ-8x1Iro6k4LR6djOIgr-l3XY8-w9Wlqb1MJY69YE2GT-5tYc7d2DQgl1l50e5od4YOvN6din_y_yimEOsSf68Ki9RfxhIAlgNkXsudVy3PaVkuJq0HXGtt_XluVrtR85Y4nECvCHPSHhRqfD8SiHbiCNVun8lOwPcrb2vtjxt0N-dTovjrQLDJrM6j-r5r6IFylP07Va_EOy3MkaAj_FxMwASfmuDQmQLgBAGSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDhkgbSCAkIgOGAEBABGB2ACgPICwHYEwyYFgGyFxoKGAgAEhRwdWItMzgxNjYwMzA5NjAxODg5Nw&sigh=XasCe7gaHnI&template_id=419&tpd=AGWhJmvatZHm1Wd5P_T_RA_PubBRn6IO_XQwbZeNO16SqHPqAA
Requested by: Host: entreterse.com.br
URL: https://entreterse.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 0ED5 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:59:09 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 0ED5 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:55 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ED5 112 KB
34 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:31 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 0ED5 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:01:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 0ED5 0
0 17ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfskQaNXSD6J1wVjvdEoWT6YdQ4Z5A7aFEJ9afRwD0zokq9Z0Yh3zJV7lgytdIcGWFf8p6ONBVpQzzfvgK8Pmba-Yx_w
Requested by: Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 7281 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 163932
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 43C3 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 43C3 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/ Frame 43C3 69 KB
20 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 328534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Fri, 12 Mar 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 16:46:57 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A7B 143 B
169 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldnM30mAt8L3KPQ_6a-CIKPHaf1bK1JvMYqcIs7WICZLq_bKYQTvtPdfDxwoA; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 16 Mar 2021 11:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2351
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0ED5 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 080c978457572ac241fe037c02557e583959b6dfddbba25d5a116091db6d7a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5fbff778aae669e0a7d7c4e8b5cdc8e0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 36 KB
36 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/5fbff778aae669e0a7d7c4e8b5cdc8e0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d300ecc84df53cf8df9c16681dfe698386084bacab98ca335afd0603c3dcc852

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 446437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36737
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Thu, 11 Mar 2021 08:01:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 08:01:54 GMT

GET
H3-Q050 200 faae535955cf4f0b1f55b6767036aae9.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 24 KB
25 KB 13ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/faae535955cf4f0b1f55b6767036aae9.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52127d5b4f7bfa5553e53ec9843f08aea238869029dc1c09701a4340e2d59928

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25008
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Thu, 11 Mar 2021 20:12:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:12:16 GMT

GET
H3-Q050 200 8df35d6e2ebe07e3cf7d5ed2a5deb28c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/8df35d6e2ebe07e3cf7d5ed2a5deb28c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c67affe9942bfc0ce3164ef9cb4a8b6732a8a25d358e1fcf012cba0d7fbfdda

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3248
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Sat, 13 Mar 2021 13:45:07 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 13:45:07 GMT

GET
H3-Q050 200 ad0061513179df1a5c36fb1ce9a903a4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 10 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ad0061513179df1a5c36fb1ce9a903a4.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7727be307c4411a42184a251e96936894a8e08ce6cd5a300bdbbd4bfb84997b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 589608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2239
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Tue, 09 Mar 2021 16:15:43 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 16:15:43 GMT

GET
H3-Q050 200 c561af94e35f155e6972954b80d23d7f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 7 KB
7 KB 11ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/c561af94e35f155e6972954b80d23d7f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 60561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7576
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Mon, 15 Mar 2021 19:13:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 19:13:10 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A7B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
URL: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldnM30mAt8L3KPQ_6a-CIKPHaf1bK1JvMYqcIs7WICZLq_bKYQTvtPdfDxwoA; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Mar 2021 12:02:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 16-Mar-2021 13:02:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 12:02:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Mar 2021 12:02:31 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 4b78a9a2fe99b13b95cc33a07107cfda.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/ Frame 43C3 2 KB
1 KB 8ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/media/4b78a9a2fe99b13b95cc33a07107cfda.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12155640719224865621/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5574df28c7b6e4743e24694325d7557f9324b2dae5478a40972f1e4cfadf6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 493035
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:22:04 GMT
server: sffe
date: Wed, 10 Mar 2021 19:05:16 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 19:05:16 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7813 42 B
479 B 70ms
55ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBET79kZtG6guQQr7oINZHBecacjd6Nx6aNEWN0Bge70dN0VjCyNRjB_6YOGwFbpXV4F1SLR4DjiWysF6ytr_USUndD8nbvQ2nSeKyq4rnrxcbK1IKIJmz61CQ_g&sai=AMfl-YRlxSUD6Vxdj0jIqdVM7liyHZyhE2FvFslBY2bjK-6RUagQLRRuQx7eE7OYMLo1Rt3xtYpbhuCFIJ3V&sig=Cg0ArKJSzLBhYfSqE67LEAE&id=osdim&mcvt=1000&p=777,315,1027,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4029023989&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615896149357&dlt=379&rpt=135&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D81 42 B
66 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscAjxyahTar_tk9a87axFah8-8pErT80yvRjS1jq92iiQLdjFRZ1-7M6Jl6aGB17EpUolI62HmW006EgWtXD27v45fEoqslz7d9qZf2x3RKmm0ZiZxME7HE583Sg&sai=AMfl-YRMb6Xrta_xc11WpqQJsn-f036kq49-U-_MhJth2SLXY56iAWzjuHGId08GcZo_7YMOuDw60WGqqb3V&sig=Cg0ArKJSzOeLBE2bz_i6EAE&id=osdim&mcvt=1001&p=61,606,151,1334&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3022716292&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615896149356&dlt=786&rpt=144&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ED5 42 B
89 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH3RVOd8cYUoVmp3Dye5d3IyExIkDFe2yHmCGfhhf7UEXGtV6m9EutJIDJ5O85q_UisgOTjaUAGh1Fp9QXYgBc93H-zp9Mu1fx__vrmG3inEDjsgrUjmAkr_ybXg&sai=AMfl-YSwpLda72qpo-sUj_wxHFt9SQ3BtVkTyY0kdRs5K9nnPiRMhr4P2tah5Lw5KDOUgq1_84aVgGilMQTgkahTRsTVX40fZWbeUlgWPgA1icnXZ6luZvd_JxxeVh0&sig=Cg0ArKJSzGiCp9qcaoy6EAE&cid=CAASF-RoHtmFLnSlZpPJNTzfX6BTK7o9OSs2&id=osdim&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1750512548&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615896151125&dlt=37&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210310&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e06fb2dcb0840df2daa1ca952ca66832bbe812ba87662365faef1d75fbd8ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6460
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:02:32 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7D9B 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://entreterse.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://entreterse.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 11:10:29 GMT
expires: Wed, 16 Mar 2022 11:10:29 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3123
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D9B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 163933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210310&jk=153772877588875&bg=!TU6lTg3NAAUO7zDoDjsAKQB2-Dxa27LsSJT2yXMVskp7x3_XXO6qi5GHGg7_G4d7svFSXuvn5yu1AgAAAK9SAAAADGgBBwoAgJUK5hxqn2GSr9X3G1vs61WkMy5j7a0ZRa98EAU2-_KY-G1u-gksAt_xwVMPoWabrnYaGPF8hITB9dofjdB_wfo7PYTjqR7vQI6uac2IzdhmXujInWdrSkocBtYgPGKD55-WT-x6DGmhlWa3BzvAGCHlpHXtfBzxn3ornp9Z5apAmQHTDu5XbuFmx33Iu1-LfvufK6titDrgF1EcPanJynk0Kooqlycxzz3r54XoOHzWh0zLrCQ1f_QP0gqzXuWRLRR4MIk8TUTH0nzjD1-G2TuvmPfoo4-O-kxiaguwrCTMmEAmZMitjwZf2AMVC_e3IWWQR5B0XCPjjF0GnmkPquCBAApAkqa5jOw55goLykwGPjoousiWF8N82fpE2C71b4GR4zCP2caS55SP_dh5BrSprDFEFK_RswZqeka23ETV5Qa0xhn2UMxAmNM-o47vBtyjC9mpktxdEd4x_g9HfRFwQxjeUxi0DqyltIGi-aATiWSycPMJOWgH6PusgDhwzXDD_Vj2U3EzLbRa1hK5abYgXvTahvOdHCRD07BHna-Y0iNHhLwn4bdHLYzP2REyyjI8Y8_SKlPQQk0eXlKwUNg6BW7hQZhko4_duga9A3y8BPQEAhe_dWfNDI3P1zbZc7tMPH4ia7-LamLM6Y9-HqbooJ8csfN_jowb6n-aLYUMNBjU2w09gDMebSDl5B9iUojOnvRsxo6Ta6E1XEvmL5xFiXf8_NP_aUjuDwiP0WOHhHhz8AedJ4VhIw15ZBfKXS12aK7GvBpCGznQASPhond64USsCqQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://entreterse.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7281 0
56 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=590.0000&a1=https&f1=layout_html&s1=0&d1=7.0000&i=501562178315&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F11872115851184484808%2Findex.html&gqi=VZ5QYNyKFYbF-gbQjqfQCw&qqi=CK_N55_itO8CFRPjuwgdfpoOXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: entreterse.com.br
URL: https://entreterse.com.br/park-min-young-dramas-coreanos-61205/

Domain: entreterse.com.br
URL: https://entreterse.com.br/the-front-runner-assista-ao-trailer-do-filme-com-hugh-jackman-9823/

Verdicts & Comments Add Verdict or Comment

334 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://entreterse.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: TypeError: Converting circular structure to JSON --> starting at object with constructor 'Window' --- property 'window' closes the circle
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: Failed log data: [object Object]
console-api	log	URL: https://cdn.cazamba.com/adx/desktopFooter.min.js(Line 4) Message: contains
console-api	log	URL: https://s.trvdp.com/scripts/v5.632/ins.js(Line 9) Message: error construct widget
console-api	log	URL: https://s.trvdp.com/scripts/v5.632/ins.js(Line 9) Message: protected error
console-api	log	URL: https://px.cazamba.com/tp?t=SO9w7lm46ZlfnQzbXbQJWnqnDW0qrUfoyhMS0ssR91fa3pmX17BCSYouR6Vf%2FsYMcRemV0RVeGG4YzQtZ%2BUjqWzIahyWXCFU1JYJRzawJmuX7JQrxwslQqTUEOuDFoReYne6oRY%3D&tp=print&g=1615896154&nvg=&type=js(Line 1) Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56cb668b5e1262be07dce09500568611.safeframe.googlesyndication.com
ad.turn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.cazamba.com
as.cazamba.com
b1sync.zemanta.com
casale-match.dotomi.com
cdn.cazamba.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.t.tailtarget.com
d.tailtarget.com
data.ad-score.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
entreterse.com.br
entreterse.s3.amazonaws.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
go.trvdp.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
px.cazamba.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s.trvdp.com
s0.2mdn.net
sb.scorecardresearch.com
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
tag.navdmp.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
entreterse.com.br
104.108.145.8
104.21.68.181
104.22.3.144
13.32.21.49
130.211.115.4
142.250.186.162
142.250.74.194
151.139.128.11
169.50.137.190
174.137.133.49
178.162.133.149
185.183.112.155
185.33.221.15
185.64.189.114
185.64.189.216
185.64.190.80
185.94.180.125
193.0.160.129
2001:678:cb4:bbbb::11
208.100.17.178
208.100.17.187
213.19.147.150
23.37.42.132
23.37.53.17
2600:9000:206f:8200:d:3c0f:bcc0:93a1
2600:9000:211e:8400:3:7e1c:5b40:93a1
2606:4700::6810:125e
2606:4700::6810:ff3
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9b
2a02:fa8:8806:12::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
3.126.56.137
3.126.63.176
34.102.185.99
34.197.150.80
35.201.123.184
51.89.9.253
52.19.239.39
52.216.185.211
52.5.234.188
54.228.114.223
69.173.144.165
70.42.32.95
72.21.206.140
72.251.249.14
88.214.193.83
00175020b2597629e1410b91c3c56fbe02d558817d16cbd5c44cbb22b2ccfaff
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01fa80b8a77d1be2b6b224075c3475578f71f4111f6fea2454d484dac60061de
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e7b4675b3eb7f84baaccf951d7b6264cc329cffc954a791eb2d86fafa558a8
03dfca60faa49cd724a51280a1ecbc6728f4c898053cc7621b81a8e5ab72478f
04791844cc4d702f41e911731a837362697e09f32cd91d0e96edf7688c89fe25
06138b5565792ca32cfdc59d3b934d3e83bc4b75c59b80867a5bead4eae20daa
080c978457572ac241fe037c02557e583959b6dfddbba25d5a116091db6d7a30
09874e25d01428d0d35c9d6270ab6dc8c9b273eda0e9747af14867e0f7222a5e
099a4a1f4e2f8fbb63a0b1dd8273db46cca72083c32234e88be13c4793769cc7
0af6d025ba0e8ebe7415956eb95cc59b8a786a8e809aa05ad1c1d5cdb714c2db
0b943cae7cca107d69396ea5e549f905596e6e12b0683a632feabf5f40653aec
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd99609132a394472945df81c97f687e3da5e9338d93a8c4d767f147c5b84b8
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f3d1bf7713f2fa9c735e205cbca2aec4aeab6539159a149edf96c655429c4cb
10040ce6c01eeb107e03dc423c8eac3126d5b58025a11aa38e0009c4f079ce12
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fa14a273651b615c644a7ad65e04ee4e778995e4d7d00507907562c3f17031
12c7cf50f3c9644548c159995989043c52d2a525229637c499b511e090602d43
147c0a402198f091dde33543a076177882144c4c774605b57dff5a43c6d62f86
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
15b2757b817bcc9b6ae82a0a86adcce5347cb7f6f18eb39b935690fd87bea2f7
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1c67affe9942bfc0ce3164ef9cb4a8b6732a8a25d358e1fcf012cba0d7fbfdda
1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1cfe6495d53350ed15c8f3d909a0ed8f3d426bf92feea94b59d07e01a65bda5c
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1ef6ed451f5d0b3aeffe0447a6f2c8806902e3200cf4bb289d9a03eebffa7db4
1fd6637b46f150e7aa0aa9f5ed6592832214a08cbb20b58a37cbdc433375089f
2117207e1980434a20e6b9d58006d4a97e8c029401d8a5b918074beee6d7971a
2198e16d2a1ec540b0a86b674a4b93f16c8050e09325941f3a5d4c0c349b73f6
226bbf35bac9e3adbf7f7556634aaad086a47887fa005d1de73c4c1a24a002c6
22e8fc329485f0d04a12f7544dcc354f5b0f2154625b722e73c6245d5f85f79d
23df22ba47a1c6bb7f9d7fd3e57aadb5a036cf343d0495abec51d14f6b01aa6c
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
266bf91d9ac1f713c418ab1644817e7ba3310afc0b0d4ca8cec4b652ccdf2764
27354b12d83dffcf5d409c237a6f27d6cd724a2a359bfc707ef45e6d0210f68f
27edbe1b70ab95f66341f82f773e94e469995730b3839a6d6bc4b71713439abe
2c5cd3a52c16881312ea38a630c5903669af08eb0b45e79916e3cdfbe4037b23
2d800d5c79552c73df4d90634a3b5a547208411726dec6bf3f7298f84b66213e
2fda35ec6557d254c6bf9810302f7c36aa82195e1a864034eb067312ae7f2f2f
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f
32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e6887b4941fcbfe6db6ac58fe292b35856af477d54e24870656d7931a6f71e
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3b312f6fe4ab11655e2972dbd8268111459324b38ea0d2c307d14f4e1c82b107
3d96980eb407ff39af6ea9783c89f5921056b01c239b62d65da192235b71d60f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4031e1f91e80b37f08e8f5016243fb88a9c9875eaa78caf6786742c8217160b5
4194950fb56c6635ae416698dddfe72776f060467e91430f8a514a5d5db79bc7
419ef23176640e73e6691597d88b3ccfd9f57d1ee983f319be1b179ba8fbc8a4
43186dc2b1783aae37cdbb1d8d8ff6ce6168dd867cde34fc07171294a177c1bd
43556f0a49b7ac8ebed25dc2110d74815bf023b2c3bd7757795fdf3c8074ec21
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4755824bd966418e06308d8adec9c1843554ea4fa5b945d5f5862376eb465bca
489157bd9ead1e5206ac2a5259c5854d7a19e46fedf2777bc554c69713b7da9c
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48ea09f0084bdb3cb647bc0d36d9ac719094c005d049da95589de9f199425c94
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4c48100f4c753d6a563db33f4b68738a61e6d7add2cfb2645715b0cbbf641e94
4d8715f5e473b8b87fc74ca52ebc316190c2979d874a22670d7b762dcf055d52
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
4fa5d3abdc6827b786784cba2d543bd24a5c044b9ff8ef3c07f25b14c375a58a
50603c2b40927651c14bf0af4bc6fce0bbbcab38d0ba0c62a7424d9bba88b8c5
52127d5b4f7bfa5553e53ec9843f08aea238869029dc1c09701a4340e2d59928
5343c7a2c5c03d6beed4539f55e4e972871fc4aa35d279a62237960fd922ac96
535db069e580be43727d6123d3c69882399c14cf05d1b0c03361ff5a856fccc9
5381cb77f8ad6095fe1d69358f53996a8e6032b346c147cbad8196829ddf13ff
544aa66a5972e51391b8029971f23bb0301421035dcc1cb6155409c5c2d3c764
549c5b06311f6dd3610045aaf0bf8176091ca9eac7b258d4d53d67baa080aa46
54dc579b3e2e1ecd62783aa8e1b1a23b0c9f01d00ce4f8729e9efa1e2d567c6b
5574df28c7b6e4743e24694325d7557f9324b2dae5478a40972f1e4cfadf6e3d
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
587b234b1819edd56fb28552f715b8d1c367a1dd28829d07c3678229c96e650b
58c83ef54167003970d13d34e4c5ff34b1cbb50ea43ae51a097ff3911c6f8ea7
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5abbcf65363c96f693400d154621b8c505a19e41bfcd9cadac377646880751a7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf973ec91aff415e432d4cf5b5d72b2fc18f7ecc0a600e72567a68d6b23f5f2
5c0ade2481689a803bc9391c4c5b890a4c230777ed7575dcd8964a5ded490126
5c53b09a28729ef77ca31b937721e6a1c0cb5e730ab03d47d2ac1c75b34678f4
5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70
5ead5ff764075d6bc2632b073703798e0650a4ff1ac67a80835960b3455edb44
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9
6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
657753c380b0c6dfd199ea48ed561777e27c27c439a99fa70c7cb8a2d3ec1ac0
66938773eed7fb08edc8d064cf03b5a8d3e81fe619fee6f8a51c72e747e5a1dc
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
67d3a4a5ce1ccc33656b835c2816485574ec1ecf77112a15108da3751e8e07fd
67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6cdd22e067545f77d4168806ab785103e5702b8976e5f77c5e811e4118f817a6
6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed
71a16d0f700e7bd105a67fab7ac2a39419b6b705090348d5d2d229b0e73e68be
72056ec9d003cecdfe230a2b8675517ded8c445fff2b3a10c79e17595b81deb3
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
74ebfae7d9d4eb419805bdb0a5420c67cabc00ef04dad6cce4c63fa85d4a29b7
75e41fc39a00a6e1165be31f095ff843152ce3a789273b3c015625708b1e53e6
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
77213ff0ddc3c2529fff97807f539686994122cbb0c28498e8186e512b3977b3
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7a09bdfd774c29506be4567caaad4dd60a3f999ec74892fabb60344cb896ffed
7aee1dd05373c429c7496480383122127cf62f46321353aad73ec27d8e9b031f
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7b44cb8981c566e5c4bd0333febc21b33033443c0ff6cc58c7ba4b321ea0cd37
7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782
7e06fb2dcb0840df2daa1ca952ca66832bbe812ba87662365faef1d75fbd8ec1
7f6b3a4038273baf055918ea5bdd241b3ca19948976ff62d32b2757168565af5
80133049fb1ccad64ca7391efa8748f288a995d723d4eec00d0acf0763202f6f
813f4e50d579d8f3c2cc486e31f2e4b2a2765a471d6a9b8703089669d9100278
831820eacdf8b2be1d67346a1cc0b7156363a4798905e37621880f9a212dfe5d
849e8b5d4be2c692cc3f378fd2ee68524dfd304f8bda13b84f919d48e9b446fa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
864f07324497a89f376a7bee9a0d3647a45f1ac66df2003c9e41e5723c3968ab
867a93e8c715cdd6c990b9128ff453cec8f2ec51ecc0190625832ab21be49c8b
88a60f5853f0a1b1c640c400755ac6701d872a7da807b8ed479f9890c893f00b
89369e639eda7a60df3cbec527bb2428794d81219de9f84c33e93ed814535316
8962109116f09792bc87328b709c197b465d1737f235380ba24efc44edae2577
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92
8af0d35369e860749eb38996845c88f4ab89e687ea355d35f6a50ff12c509b4c
8bc3b4b03fcbdfcf50112c01aeb47f25d3c62ef66441a7dbb8c6e744bc02363f
8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1
8d663e74ba25886b409a0e91a986713873e83a85acecebe0b0ab548d953a4d8e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9b72129cf9ea003d4638461cc93e3972c5e2908ddf1ff62b383792138fa237
8e456cce3fc774bc3839691ad524ff8d6e50c9a0a096ee2a695136644cd93e22
8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0
8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800
8f36c51cae2316c55ed81d19b13bbd27e151af9492193bd1534dd8990e3634be
91f70c3d4de12fb759a0f2da69d78342d50484a4c501a87a56f9273bb14fcb35
92a824e9b79baed1ac8c3e8a31d9d2a0b3b57323fbc8243bf17ffc2249f466b3
93586803380d50e8036a5d4b6d5e190fa9ac41406cefedb69ef537ed831bf674
950d38a5d43c8aec1bc79ef00db9bc5f989137380c2418596936d1c448abf6b5
95ed93ccd83965265ccefd18826e8c5e982913e426ec66f17ae51b536f321c39
9985ac459ea907188d584f5581d352d8a2878907da7771b677c757c44e6b643e
99da222a409dec8747d44bfc1e81d9d2f03d9e3ca0b91b6fe29fed5144856eab
9af699061ede3e083ea90fffb90a448dffc727e91c6a2a35bfef9b1eb911dd85
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c5e32b4b10e4fddf5105ac8bee3f993ffe8896d1361abbfcd90efe7e17b36c0
9e0ba32b929fc93c00ab05f70844e1e5800970713bffc5d2a733f865a10f6311
9e32531923f49e423051dc689482662c31baf6ccc3b6bc582113afd7cebe0547
9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376
9eac43006190d1d5bc549a5422214ad49b64c8e5be88da5806c3c681788853e8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a363616fb2b7d8f0dd448d8fe288c9d3c27d9243c93b83b2b04517a7e84abeaf
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963
a7deea224046ed78860f5244fa977c7b54c21f60f11cebba64cf8bc989d107d4
a805ce4168f287c9adb0f5b140450a27c8ee3e8cff36658e9a21904b99eb4e4f
aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aad607bb118c64ecff7bb76bdde7068bf9c0269259158e0357f06062e17897df
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
ab6dcf03b39788c90ffd0a5c4f63d0fd04760287fd366066abd721a22b60f6ea
adc852fca088f68dba885b615f8b1d81dbf6be79dfce71714be72af83547c9a0
b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd
b13a28944d5d9410ecdd8c3a96c9cded1b0b00e6ff711bc0c43968f9848547a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b144fb40dc94ef312b2a28701da77e88a1d738e0bcf9a6f75c77635503483835
b32c0847f9a9d8f345b07debe5ebf8db0279d2e78a0c0e0665e0f48c552816ce
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b590c0d4585627720a7d31ca5de41aa2fdfcdbbd60920283b6187f6055fc9c09
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b68933f943fdc6a74ae8922cfdf65dd8928bd4b9afb8d9b0c464daafc1a4ccce
b781b314e0d668857badb3100a4026984a45ba3a554020b71acb0cd317b68511
b7c39e2da1a94289cef6cc619591eda5a978f4c2d306c7a43b1020263c127eb6
b8cadca9ac0a204c8d0e7fc70fadcc71c635c8a5dd6b778de0de75db4e5db918
b9693748f68ee96251a97c3e8ad08e6561fc5b18a4d84f580825b1fded19499d
bdade9f8c892891b39ca96aa96190dbb11406daa4e807c4f1edd5d7c4b26d16e
be286e17fa8f2aca0d4857d83f4f18897cbdf80e8e4b1aab04977526cdd80e20
bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf6fe0ef9cc20bb63723f03fa570321390a1648a9b5606f45551c8a64886d946
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c259b4fda69529034285dd9afe1018357f20d4ae81a845e1049cb92f0e15c415
c31cb358aabb1dfb4fa9339e63909567f3049ff25c60f323fc417319daba584c
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
ce2a201672e787a6913e5914533e16534aa3d41c87352796ab0e675e34616fd9
cfb57d656a1a3c24f06bcc0d687666b25942016f29ce9a623947101fd6bf0217
cfcfb02841c32eb5d4e3e4ffb2b1dbb2fcea0938f511b9fecaf9229e8e6b4821
cfe7cc2d9d899a3644c22c4043c7c7f3e9a05bd4321925f2a3e757ae457c0b54
d08e156cab91cdaa82b1cc48e5fcf99112825867d6cef4036a40d3c1c01a74a0
d300ecc84df53cf8df9c16681dfe698386084bacab98ca335afd0603c3dcc852
d3181ba9ddfb53f7e1a034cfbb08e110789083ab2edeaf6691067ec8a696250d
d4066d249f94dab60bc1a571727ea7ee87cb8947f6b16e74feb3a26f3cf7848e
d48ba970970432b124b419337b31e8d4034e90171e7266365a5d9ce53c3e64a0
d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b
d5f5bdeefac4b58a78182e935fc4be69911a016c622ddb82dc4c248a487487c0
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e5ef4bcb5f87ae36c7033fffd324469ed03515dfb8f5635357d4832eeeda70
d899bbc105965af3e3e41bdff662c3a16c3253f9e03fb6dffeb9e6303be631a8
d94dd88cb98c7e6ad5d69558cb42f48d615f38563a1616753e5389280a57c22b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9fbc48031df4c3e406e8443afc3d83ac669ce24eeb5f329d8707fa0af73e3b8
da282b76aa8d03c16cd3bf920f56c7a0a69886a7425f96b1fe35b33b68548916
dbc1076ec7f573ca6a689ed040859450bf254c1cbbd522cc153d065c10325f88
ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff6f4d907290bdbe74812bf73b590f268694e0a30e64b4bb24b803a47b3e319
e0e191a69ed050749395ad51b641f4877cb9e6a1013a97d7d34759dea223f350
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e315f3cfd984ffdd2fc233739e2a1e55a92bf74456613cf2d684c1ebeb6d9daf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43676a0aaa34d6f18de53d2fc2fca0c3c094fec8c18a5407f3737053883ae74
e4d55b7c1d2eb3b11780a56183efbc330195917ee9df4911764f9960232696f6
e51442a2b4d583b0fac1ea09efade3e9eb32ffce5b4fc4835f1db7acd7c11a68
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e62d613c90a4ba1de3b690581dab0d1730880e96e432f7a638bbc6f19fc0ab93
e63177c46665df699329a9d4b36897d6c1fe384c0f76b2994bfaa101395b65fc
e782a38a61caced659a0a8460267c5cec9a6ff1f0cf9653459bacd31e1ea69bd
e81ea885fb28fd3c4cf9352eca9f38581bf992cb4ed86fdf0459aede4d7828ae
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f07ad6f3b0a51d03ff00cb82aabc43fee1c7b5898c7846773e9405510bbd4ba4
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f1720896223132687cfb0bf6bd6f3e6b13b7c15ba7390c402ca6990ca30b18ec
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f354628adf0a64b82b6d77d9b7000bd610abff3bd5cac100027433f8b976310a
f3943403fa574f048b588642d8370339a02dce3a7ec8a578662ecbc885b48e54
f3d892fc44b84de1dcffc91971ce4ba67d2f088231a4b85e5756e53bb4a7d8f2
f442d8bc11e22a5f4eaa803a2fae5e5a16c84ab785ac073375b6a1f9cb2aa9c5
f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da
f7727be307c4411a42184a251e96936894a8e08ce6cd5a300bdbbd4bfb84997b
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fa25cd0b64b917ede17b241c5273e42553a67d8a1b2c559dae8d9bfdc5c6cbf4
fca0b51fcb6db344456faa3b9899a6120de5ed618b28427f966b31079ddee735
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

entreterse.com.br Open in urlscan Pro 104.21.68.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

324 Requests

99 %HTTPS

46 %IPv6

52 Domains

76 Subdomains

56 IPs

7 Countries

6865 kBTransfer

14781 kBSize

0 Cookies

12 Outgoing links

Page URL History

Redirected requests

324 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

entreterse.com.br Open in urlscan Pro
104.21.68.181 Public Scan

Screenshot
Live screenshot

Full Image

324
Requests

99 %
HTTPS

46 %
IPv6

52
Domains

76
Subdomains

56
IPs

7
Countries

6865 kB
Transfer

14781 kB
Size

0
Cookies

324 HTTP transactions
10 data transactions