Submitted URL: https://webstories.us-east-1.elasticbeanstalk.com/
Effective URL: https://www.otempo.com.br/web-stories
Submission: On November 24 via api from US — Scanned from US

Summary

This website contacted 25 IPs in 1 countries across 21 domains to perform 66 HTTP transactions. The main IP is 2600:1408:c400:27::17da:da9e, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.otempo.com.br. The Cisco Umbrella rank of the primary domain is 506051.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.
This is the only time www.otempo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.21.145.80 14618 (AMAZON-AES)
1 7 2600:1408:c40... 20940 (AKAMAI-ASN1)
22 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
2 2620:116:800b... 14618 (AMAZON-AES)
2 2620:1ec:bdf::38 8075 (MICROSOFT...)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2600:9000:201... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
2 20.114.190.119 8075 (MICROSOFT...)
1 54.84.191.183 14618 (AMAZON-AES)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.236.97.67 16509 (AMAZON-02)
2 2 172.253.115.155 15169 (GOOGLE)
1 1 23.50.124.206 16625 (AKAMAI-AS)
1 2 3.225.218.10 14618 (AMAZON-AES)
66 25
Apex Domain
Subdomains
Transfer
29 otempo.com.br
webstories.otempo.com.br
www.otempo.com.br — Cisco Umbrella Rank: 506051
1 MB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 28178
usr.navdmp.com — Cisco Umbrella Rank: 33544
cdn.navdmp.com — Cisco Umbrella Rank: 7255
sync2.navdmp.com — Cisco Umbrella Rank: 55137
sync.navdmp.com — Cisco Umbrella Rank: 13151
6 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
x.clarity.ms — Cisco Umbrella Rank: 7419
c.clarity.ms — Cisco Umbrella Rank: 1405
28 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
167 KB
3 gstatic.com
fonts.gstatic.com
79 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
255 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 82300
26 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
386 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1444
c.go-mpulse.net — Cisco Umbrella Rank: 654
50 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
9 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
25 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1982
623 B
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 114788
461 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
764 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 157
256 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
247 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
642 B
1 elasticbeanstalk.com
webstories.us-east-1.elasticbeanstalk.com
116 B
66 21
Domain Requested by
22 www.otempo.com.br www.otempo.com.br
7 webstories.otempo.com.br 1 redirects www.otempo.com.br
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com www.otempo.com.br
2 cm.g.doubleclick.net 2 redirects
2 tag.navdmp.com www.otempo.com.br
tag.navdmp.com
2 c.clarity.ms 1 redirects
2 x.clarity.ms www.clarity.ms
2 connect.facebook.net www.otempo.com.br
connect.facebook.net
2 www.clarity.ms www.otempo.com.br
www.clarity.ms
2 static.chartbeat.com www.otempo.com.br
2 securepubads.g.doubleclick.net www.otempo.com.br
securepubads.g.doubleclick.net
2 fonts.googleapis.com www.otempo.com.br
client
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 ivccf.ivcbrasil.org.br
1 usr.navdmp.com tag.navdmp.com
1 gadasource.storage.googleapis.com www.otempo.com.br
1 c.bing.com 1 redirects
1 www.facebook.com www.otempo.com.br
1 ping.chartbeat.net www.otempo.com.br
1 pixel.quantserve.com www.otempo.com.br
1 c.go-mpulse.net s.go-mpulse.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 s.go-mpulse.net www.otempo.com.br
1 secure.quantserve.com www.otempo.com.br
1 webstories.us-east-1.elasticbeanstalk.com 1 redirects
66 34
Subject Issuer Validity Valid
www.otempo.com.br
R3
2023-11-03 -
2024-02-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-02 -
2023-12-01
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
*.storage.googleapis.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-04 -
2024-05-03
a year crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M02
2023-05-01 -
2024-05-29
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.otempo.com.br/web-stories
Frame ID: F1F2243DC7A0901637037288B80E7A12
Requests: 68 HTTP requests in this frame

Screenshot

Page Title

Webstories | O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPO

Page URL History Show full URLs

  1. https://webstories.us-east-1.elasticbeanstalk.com/ HTTP 301
    https://webstories.otempo.com.br/ HTTP 301
    https://www.otempo.com.br/web-stories Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

66
Requests

94 %
HTTPS

71 %
IPv6

21
Domains

34
Subdomains

25
IPs

1
Countries

2004 kB
Transfer

6032 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webstories.us-east-1.elasticbeanstalk.com/ HTTP 301
    https://webstories.otempo.com.br/ HTTP 301
    https://www.otempo.com.br/web-stories Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&RedC=c.clarity.ms&MXFR=1BAECC1288E260C824C4DFC18CE26E12 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&MUID=195E0B13ADBE6CB9256F18C0ACD26D5F
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84592490782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=84592490782&google_tc= HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=84592490782&google_gid=CAESEAhn24O4tsOjcz_9uKejRA0&google_cver=1
Request Chain 64
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=6f8b6560-8b5a-4400-806a-9c4e71bc9164
Request Chain 65
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request web-stories
www.otempo.com.br/
Redirect Chain
  • https://webstories.us-east-1.elasticbeanstalk.com/
  • https://webstories.otempo.com.br/
  • https://www.otempo.com.br/web-stories
2 MB
250 KB
Document
General
Full URL
https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f2040b7ef8ed56da2aa96d26213c2f812bd79af7dd24184dddff12265ea8fdbc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
cache-control
max-age=300
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 11:39:03 GMT
etag
"1dcb0c-j0mMqDW0ncFQz6OKVjo+Qm+QBFk"
referrer-policy
origin
server
nginx
server-timing
cdn-cache; desc=REVALIDATE edge; dur=162 origin; dur=1158 ak_p; desc="1700825942521_400425630_2658844572_132076_10056_52_109_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 24 Nov 2023 11:39:02 GMT
expires
Fri, 24 Nov 2023 11:39:02 GMT
location
https://www.otempo.com.br/web-stories
pragma
no-cache
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1700825942208_400425633_1386677140_22_7248_52_124_255";dur=1
strict-transport-security
max-age=86400
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&family=Montserrat:wght@400;700&family=Roboto:wght@500&display=swap
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb213ab6002100e2541d3c45d40e0eeb1252f302945f03dd065a242555cfc291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.otempo.com.br/
Origin
https://www.otempo.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 11:18:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 11:39:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18847b86a7d5fff36ff7dacec08df447e407a78f2b1189c49fffa11ddb6aa9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31475
x-xss-protection
0
server
cafe
etag
148 / 19685 / 31079657 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 11:39:04 GMT
js
www.googletagmanager.com/gtag/
294 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
277c220f83f94e26ce8f2388181e3f186cc75e40d3862c6b777d2be46f25d36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97629
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 11:39:04 GMT
js
www.googletagmanager.com/gtag/
273 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F1R8GNWX4Y
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
806e284a775dfba747ddc0e5e1782884902fda97815948ee295bbebb1a324139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92617
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 11:39:04 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:e200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 22:00:36 GMT
content-encoding
gzip
via
1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:31 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
49108
etag
W/"655577bf-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
J_DsrlhfaqPzaOth07xjxNFUU-9m5cSl_GMNxvabv7z2jqeqn951Ow==
expires
Fri, 24 Nov 2023 22:00:36 GMT
ad83b09.js
www.otempo.com.br/_nuxt/
7 KB
4 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/ad83b09.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
48bbdcb7d107c0581e70dae6148a8d150bd74701a080a9e73ae6f2bf7ac81b05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Thu, 23 Nov 2023 13:42:54 GMT
server
nginx
etag
W/"1c9e-18bfc6b5330"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944028_400425630_2658864310_66_8365_52_0_219";dur=1
accept-ranges
bytes
content-length
3903
expires
Sun, 24 Dec 2023 11:39:04 GMT
7419e4c.js
www.otempo.com.br/_nuxt/
252 KB
87 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/7419e4c.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7aeb70851ddbc23d920e6b153f9debcb6ee33ca6f0b2f504a6e4ab7306d18fba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"3f0db-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944029_400425630_2658864312_74_8229_52_0_219";dur=1
accept-ranges
bytes
content-length
88328
expires
Sun, 24 Dec 2023 11:39:04 GMT
8c94de1.js
www.otempo.com.br/_nuxt/
537 KB
166 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/8c94de1.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fadd7cffcf66546d448933935e8ef1584cdcc380d317bc84e17907dc00ac5d98
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"864c1-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944028_400425630_2658864313_72_8377_52_0_219";dur=1
accept-ranges
bytes
content-length
169314
expires
Sun, 24 Dec 2023 11:39:04 GMT
e5ef185.js
www.otempo.com.br/_nuxt/
350 KB
75 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/e5ef185.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1446361dd211b0bedf24be297466ffcc55ac633ceb0405754b1f3cbe83125583
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Fri, 17 Nov 2023 18:10:06 GMT
server
nginx
etag
W/"5785a-18bde79cc30"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944037_400425630_2658864314_769_9208_52_0_219";dur=1
accept-ranges
bytes
content-length
76875
expires
Sun, 24 Dec 2023 11:39:04 GMT
417fe99.js
www.otempo.com.br/_nuxt/
19 KB
7 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/417fe99.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9bd14e25e57db523cafe4cb6dfdd074f5fc1ab6c9fce31bf327d415cc16f9947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"4b83-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1700825944029_400425630_2658864315_679_12940_52_0_219";dur=1
accept-ranges
bytes
content-length
6306
expires
Sun, 24 Dec 2023 11:39:04 GMT
fecd8c1.js
www.otempo.com.br/_nuxt/
28 KB
4 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/fecd8c1.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a9804250cc0e0039b709e7d32fa3b4bdaadb401b18ac183de9baf87788e2efb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"7186-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1700825944029_400425630_2658864316_1265_7874_52_0_219";dur=1
accept-ranges
bytes
content-length
3300
expires
Sun, 24 Dec 2023 11:39:04 GMT
87b413f.js
www.otempo.com.br/_nuxt/
15 KB
2 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/87b413f.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e93958e8fb369e63474470c373886b612ef4bad14360c1f99ee5543522145349
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"3d1b-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1700825944029_400425630_2658864318_383_8187_52_0_219";dur=1
accept-ranges
bytes
content-length
1713
expires
Sun, 24 Dec 2023 11:39:04 GMT
f2a437a.js
www.otempo.com.br/_nuxt/
22 KB
5 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/f2a437a.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2ea92ddf247db08544f20e56830d7977cc6da9d79f79d58e42ff4f9312153c5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Fri, 17 Nov 2023 18:10:06 GMT
server
nginx
etag
W/"572a-18bde79cc30"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1700825944028_400425630_2658864321_621_8602_52_0_219";dur=1
accept-ranges
bytes
content-length
5251
expires
Sun, 24 Dec 2023 11:39:04 GMT
cba751f.js
www.otempo.com.br/_nuxt/
22 KB
7 KB
Script
General
Full URL
https://www.otempo.com.br/_nuxt/cba751f.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fefae9fc22d8cc8e521183d8957052fb3c35234a3850e6d815f7734821ab9e0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"59ed-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1700825944028_400425630_2658864322_2198_8527_52_0_219";dur=1
accept-ranges
bytes
content-length
6413
expires
Sun, 24 Dec 2023 11:39:04 GMT
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 01 Dec 2023 11:39:04 GMT
hc3hij1thq
www.clarity.ms/tag/
1016 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/hc3hij1thq
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1d6c6fdd3d974571797cb8cf39959cb7093c7850e526c44f68a2d2fce54d959

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Fri, 24 Nov 2023 11:39:04 GMT
x-azure-ref
20231124T113904Z-cs3hke9z392570q1x0chagfknw0000000ckg0000000031gg
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1016
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
SC47L-4MK55-7NYMX-JHS4F-UX8KX
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:188a::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Fri, 03 Nov 2023 22:51:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
otempo.79a9c73.svg
www.otempo.com.br/_nuxt/img/
4 KB
1 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/otempo.79a9c73.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"eed-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944066_400425630_2658864873_311_9056_52_0_146";dur=1
accept-ranges
bytes
content-length
1169
expires
Sun, 24 Dec 2023 11:39:04 GMT
sports.d1a7b7e.svg
www.otempo.com.br/_nuxt/img/
3 KB
2 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/sports.d1a7b7e.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d9158a8be907eaaf61aed88a2f3148c8bec552dba99a04cd4d3b39a9930dfc4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 07 Nov 2023 14:35:47 GMT
server
nginx
etag
W/"d1b-18baa35fdb8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944086_400425630_2658865097_500_7677_52_0_146";dur=1
accept-ranges
bytes
content-length
1457
expires
Sun, 24 Dec 2023 11:39:04 GMT
fm_o_tempo.41cc727.svg
www.otempo.com.br/_nuxt/img/
3 KB
1 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/fm_o_tempo.41cc727.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
795ca227b8f9c8f5091681e8b3669218832c62cf19c4badafe112e87276d3e24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Thu, 14 Sep 2023 21:59:20 GMT
server
nginx
etag
W/"b1d-18a95b4aac0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944083_400425630_2658865099_266_8469_52_0_146";dur=1
accept-ranges
bytes
content-length
1122
expires
Sun, 24 Dec 2023 11:39:04 GMT
betim.9913804.svg
www.otempo.com.br/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/betim.9913804.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d068359b0e39d4791c39f6381123db00e5e81ef30c4317347421a221fd39a36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 31 Oct 2023 14:41:48 GMT
server
nginx
etag
W/"7f4-18b862efbe0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944083_400425630_2658865100_274_8343_52_0_146";dur=1
accept-ranges
bytes
content-length
817
expires
Sun, 24 Dec 2023 11:39:04 GMT
super.59b6aaa.svg
www.otempo.com.br/_nuxt/img/
3 KB
2 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/super.59b6aaa.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
64a5589fa5d5d7ca7d4691fa0ab31f4aacd3544e8287e871585746a29c5a58e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 24 Oct 2023 11:57:08 GMT
server
nginx
etag
W/"c88-18b618bb620"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944086_400425630_2658865101_521_7464_52_0_146";dur=1
accept-ranges
bytes
content-length
1276
expires
Sun, 24 Dec 2023 11:39:04 GMT
politica.b47975a.svg
www.otempo.com.br/_nuxt/img/
3 KB
2 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/politica.b47975a.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
936a0c43f3d6717d751839d51372407166b21f6ba23efbc7c3bdb60c00bc8874
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Wed, 08 Nov 2023 21:34:18 GMT
server
nginx
etag
W/"d8e-18bb0db8390"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944082_400425630_2658865102_220_8999_52_0_146";dur=1
accept-ranges
bytes
content-length
1353
expires
Sun, 24 Dec 2023 11:39:04 GMT
cidades.8368097.svg
www.otempo.com.br/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/cidades.8368097.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a22ba8ea345fe27744f1d6d544bf31b937234815977423ef68e15470dd5a9976
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Wed, 08 Nov 2023 21:34:18 GMT
server
nginx
etag
W/"83d-18bb0db8390"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944082_400425630_2658865103_250_8613_52_0_146";dur=1
accept-ranges
bytes
content-length
932
expires
Sun, 24 Dec 2023 11:39:04 GMT
entretenimento.9bb21b3.svg
www.otempo.com.br/_nuxt/img/
6 KB
2 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/entretenimento.9bb21b3.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8baeab28817473b280863cba09abd1358c8d5182ea5185ec9ad62aa58e393e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Fri, 17 Nov 2023 18:10:06 GMT
server
nginx
etag
W/"1730-18bde79cc30"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944083_400425630_2658865104_261_8490_52_0_146";dur=1
accept-ranges
bytes
content-length
1833
expires
Sun, 24 Dec 2023 11:39:04 GMT
ultimas.217b5b4.svg
www.otempo.com.br/_nuxt/img/
1 KB
1010 B
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/ultimas.217b5b4.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a76fcbfb57b8f54928af0b95230b23d0569a864ba8b508275dd099ed14b00390
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Wed, 08 Nov 2023 21:34:18 GMT
server
nginx
etag
W/"522-18bb0db8390"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944082_400425630_2658865105_223_8932_52_0_146";dur=1
accept-ranges
bytes
content-length
647
expires
Sun, 24 Dec 2023 11:39:04 GMT
image.png
www.otempo.com.br/image/contentid/policy:1.2863879:1683343231/
12 KB
13 KB
Image
General
Full URL
https://www.otempo.com.br/image/contentid/policy:1.2863879:1683343231/image.png?f=&$p$f=aeb1590
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e74f4f8b944cdb9791942c185f35ef4587c6c3eff02914d55ba1e435118c9f00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Sat, 06 May 2023 03:22:36 GMT
x-serial
254
server
Akamai Image Manager
x-check-cacheable
YES
etag
"policy:1.2863879:1683343231"
content-type
image/avif
cache-control
no-transform, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944085_400425630_2658865106_502_12627_52_0_146";dur=1
content-length
12741
expires
Sun, 24 Dec 2023 11:39:04 GMT
truncated
/
733 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
otempo.2efc296.png
www.otempo.com.br/_nuxt/img/
866 B
1 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/otempo.2efc296.png
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Fri, 27 Oct 2023 03:15:11 GMT
server
Akamai Image Manager
etag
W/"6a6-18b618bb620"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-transform, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944082_400425630_2658865107_237_10338_52_0_146";dur=1
content-length
866
expires
Sun, 24 Dec 2023 11:39:04 GMT
truncated
/
754 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookies.f33c01d.svg
www.otempo.com.br/_nuxt/img/
33 KB
19 KB
Image
General
Full URL
https://www.otempo.com.br/_nuxt/img/cookies.f33c01d.svg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:da9e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 24 Nov 2023 11:39:04 GMT
last-modified
Tue, 24 Oct 2023 11:57:08 GMT
server
nginx
etag
W/"8254-18b618bb620"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700825944082_400425630_2658865108_232_8838_52_0_146";dur=1
accept-ranges
bytes
content-length
19404
expires
Sun, 24 Dec 2023 11:39:04 GMT
clarity.js
www.clarity.ms/s/0.7.18/
59 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hc3hij1thq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231124T113904Z-cs3hke9z392570q1x0chagfknw0000000ckg0000000031gq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5923cf30-301e-0010-705d-19ebb3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 11:39:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
qtmx58/YQiUUG5zkrsoYS5nmCExCyAk9WezaRffKW305YJmGnq7XeM66y7Je+WCsN/oC0FFXAea+cx+sMHaHGg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/
9 KB
825 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
899f8bf417ac18c7817e643f1d50d1e5aee2be2307db4f4124f49c345113a10d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 11:39:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 11:39:04 GMT
rules-p-UNeVmbpyHA1tL.js
rules.quantcount.com/
160 B
642 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-UNeVmbpyHA1tL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e628e44c6c55b106b85f27aa1e47edd3665d8f406585c7c75ff1e23bd0970abe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:05:01 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
2086
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 15 Sep 2023 14:50:11 GMT
server
AmazonS3
etag
"b87e37628fed805ab768cb2019b49fb4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ozw2jJXIeYqnLrHc2sRg1H2bZrO5oR95Y2BkKm7T15s93S9x2e_7rw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
27562
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:59:42 GMT
collect
www.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-F1R8GNWX4Y&gtm=45je3b81v9130089172&_p=1700825944022&gcd=11l1l1l1l1&dma=0&cid=1765295352.1700825944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700825944&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories&dt=Webstories%20%7C%20O%20TEMPO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2890
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F1R8GNWX4Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.otempo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1VXJ83ESPC&gtm=45je3b81v883286285&_p=1700825944022&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1765295352.1700825944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700825944&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories&dt=Webstories%20%7C%20O%20TEMPO&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2916
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.otempo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1VXJ83ESPC&cid=1765295352.1700825944&gtm=45je3b81v883286285&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.otempo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/
0
176 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=SC47L-4MK55-7NYMX-JHS4F-UX8KX&d=www.otempo.com.br&t=5669420&v=1.720.0&sl=0&si=b11c1b2a-9bd4-4ee2-8b30-173fa7fafd57-s4mlp2&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=752979
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:790::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Nov 2023 11:39:04 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Content-Type
application/json
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.otempo.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 11:51:17 GMT
x-content-type-options
nosniff
age
258467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 11:51:17 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.otempo.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 19:49:08 GMT
x-content-type-options
nosniff
age
488996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 19:49:08 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.otempo.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:30:59 GMT
x-content-type-options
nosniff
age
43685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:30:59 GMT
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/e5ef185.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:e200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:48:39 GMT
content-encoding
gzip
via
1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 01:59:58 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
53425
etag
W/"6555779e-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
M58V46gOK6LuEMARQwNKRZB_g6tgvDZ-sPL8k4ezjRNV2OtU_Pd5tw==
expires
Fri, 24 Nov 2023 20:48:39 GMT
collect
x.clarity.ms/
0
297 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.otempo.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.otempo.com.br
Date
Fri, 24 Nov 2023 11:39:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
cropped-iStock-1136639163.jpg
webstories.otempo.com.br/wp-content/uploads/2023/11/
108 KB
109 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/cropped-iStock-1136639163.jpg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
62f5083bfb2db73035117ce226e61eb9b3a70d6ec89246788160eb3dffa5465d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 22 Nov 2023 20:11:14 GMT
etag
"655e6062-1b1ee"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2450399
server-timing
cdn-cache; desc=HIT, edge; dur=41, origin; dur=0, ak_p; desc="1700825944942_400425633_1386677575_4074_10155_57_0_146";dur=1
accept-ranges
bytes
content-length
111086
WhatsApp-Image-2023-11-21-at-15.53.28.jpeg
webstories.otempo.com.br/wp-content/uploads/2023/11/
64 KB
65 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-21-at-15.53.28.jpeg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e6d146b8746d72a7b40278237a172bf47c6d04585f1cc93485e36eae6e4f2c6
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 21 Nov 2023 18:53:53 GMT
etag
"655cfcc1-1019f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2409093
server-timing
cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1700825944960_400425633_1386677577_1725_7740_57_0_146";dur=1
accept-ranges
bytes
content-length
65951
cropped-iStock-629828798-1.jpg
webstories.otempo.com.br/wp-content/uploads/2023/11/
100 KB
101 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/cropped-iStock-629828798-1.jpg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c2223cea1ddaa70ecee0376ee00f685964058f973ecf29ee6fb6f969100d378f
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 21 Nov 2023 17:27:44 GMT
etag
"655ce890-19113"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2354471
server-timing
cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1700825944953_400425633_1386677578_2243_7296_57_0_146";dur=1
accept-ranges
bytes
content-length
102675
cropped-iStock-1135152747.jpg
webstories.otempo.com.br/wp-content/uploads/2023/11/
158 KB
158 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/cropped-iStock-1135152747.jpg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fec8002a9db21473e32ac50b0d8f70256e2d6c22e72a7acfde96146ee296c1e4
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 22 Nov 2023 19:03:42 GMT
etag
"655e508e-2767c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2499371
server-timing
cdn-cache; desc=HIT, edge; dur=21, ak_p; desc="1700825944953_400425633_1386677579_2137_7303_57_0_146";dur=1
accept-ranges
bytes
content-length
161404
WhatsApp-Image-2023-11-20-at-13.35.19.jpeg
webstories.otempo.com.br/wp-content/uploads/2023/11/
111 KB
111 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-20-at-13.35.19.jpeg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6480fa77e9154bfbb92772a9e36206cbb2f9a0656f568ef46cc757d3b4845553
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Mon, 20 Nov 2023 16:40:42 GMT
etag
"655b8c0a-1bbcf"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2495179
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1700825944953_400425633_1386677580_1591_7299_57_0_146";dur=1
accept-ranges
bytes
content-length
113615
WhatsApp-Image-2023-11-22-at-17.30.02.jpeg
webstories.otempo.com.br/wp-content/uploads/2023/11/
73 KB
74 KB
Image
General
Full URL
https://webstories.otempo.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-22-at-17.30.02.jpeg
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daa1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
78d195a6a81d62518d08db5be2a47e5f60b115bc7850e300c2deed574fc35a3b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:04 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 22 Nov 2023 20:32:22 GMT
etag
"655e6556-12579"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2530940
server-timing
cdn-cache; desc=HIT, edge; dur=38, origin; dur=0, ak_p; desc="1700825944953_400425633_1386677581_3831_7284_57_0_219";dur=1
accept-ranges
bytes
content-length
75129
6157506134366228
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/6157506134366228?v=2.9.138&r=stable&domain=www.otempo.com.br
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d33e354efd2a224b4e48e884c854c257a7ee286532fa8e6200516fe82f59810
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 11:39:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35379
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
yU543RRy9l5AsSJs1nqqsWfhCmWe2BwmdKdHm8OtRfYf0Rsuneqxy1cqID8kaRdYggqWBOpu6op37d06UGsPjA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=1035260493;rf=0;a=p-UNeVmbpyHA1tL;url=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories;uh=81c0d3b50c3c83d9cad72a173add36d5727ac0395bd9764828b907839d73389c;uht=0;fpan=1;fpa=P0-1961615168-170082...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1035260493;rf=0;a=p-UNeVmbpyHA1tL;url=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories;uh=81c0d3b50c3c83d9cad72a173add36d5727ac0395bd9764828b907839d73389c;uht=0;fpan=1;fpa=P0-1961615168-1700825944393;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=otempo.com.br;dst=0;et=1700825944960;tzo=600;ogl=type.article%2Clocale.pt_BR%2Curl.https%3A%2F%2Fwww%252Eotempo%252Ecom%252Ebr%2Fentretenimento%2Frealities%2Fbbb%2F2023%2Fresultados%2Ctitle.Webstories%20%7C%20O%20TEMPO%2Cdescription.-%2Cimage.https%3A%2F%2Fwww%252Eotempo%252Ecom%252Ebr%2Fpolopoly_fs%2F1%252E718891!%2Fimage%2Fimage%252Ejpg;ses=21d3721a-cd73-4e0b-a728-9a43344f1a4e;mdl=
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=otempo.com.br&p=%2Fweb-stories&u=CJdjQgDkemvpDyvO-Z&d=otempo.com.br&g=66040&g0=Portal%20O%20Tempo&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2137&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories&b=3397&t=sfG_ICsDNB3DxSRRBBM4U2wD0-qt1&V=141&i=Webstories%20%7C%20O%20TEMPO&tz=600&sn=1&sv=CilDZcBJYuNDBNKRlFBB-IBkDVu8Wk&sd=1&im=06432c4f&_
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.191.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-191-183.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 24 Nov 2023 11:39:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=6157506134366228&ev=PageView&dl=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories&rl=&if=false&ts=1700825945041&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700825945039.1524149691&ler=empty&it=1700825944952&coo=false&rqm=GET
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Nov 2023 11:39:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&RedC=c.clarity.ms&MXFR=1BAECC1288E260C824C4DFC18CE26E12
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&MUID=195E0B13ADBE6CB9256F18C0ACD26D5F
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&MUID=195E0B13ADBE6CB9256F18C0ACD26D5F
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:05 GMT
last-modified
Wed, 30 Aug 2023 19:01:59 GMT
server
Microsoft-IIS/10.0
etag
"3f4a4a7474dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8DB0A67C241746E0B397DEA33D0D32D0 Ref B: MIAEDGE1912 Ref C: 2023-11-24T11:39:05Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F70C8197F990461A9498A4263B8BD85F&MUID=195E0B13ADBE6CB9256F18C0ACD26D5F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
gtm.js
www.googletagmanager.com/
217 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/e5ef185.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d3406b8396c56a4d4aae15c07baddb40d2d13e0968b23a54255485c61a19410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69961
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Nov 2023 11:39:05 GMT
ivc.js
gadasource.storage.googleapis.com/
71 KB
24 KB
Script
General
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 10:49:19 GMT
content-encoding
gzip
age
2986
x-guploader-uploadid
ABPtcPozN1XcP-2HS8GzC0Szm_EZSAlIIPqfTj1eqYOOC3wB27fAf5nQYJEtPFfvvdy3P4Uyme0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Fri, 24 Nov 2023 11:49:19 GMT
universal.min.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.otempo.com.br
URL: https://www.otempo.com.br/web-stories
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
1848
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82b15e8f4cd021d9-MIA
expires
Fri, 24 Nov 2023 12:08:17 GMT
67531
tag.navdmp.com/u/
616 B
524 B
Script
General
Full URL
https://tag.navdmp.com/u/67531
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768b0b2946f231db309560d2478dc1110b09104d5f721020ea2569e313d1f176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:01 GMT
server
cloudflare
etag
W/"6137b32d-268"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82b15e8f8cec21d9-MIA
expires
Fri, 24 Nov 2023 12:39:05 GMT
usr
usr.navdmp.com/
359 B
432 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=67531&u=1&new=1&wst=0&wct=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e15be040d6fd80cc10365ff472ebe8e7e400bc09b935005fa252c9a1842e91e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Fri, 24 Nov 2023 11:39:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
82b15e8ffd3721d9-MIA
expires
Fri, 24 Nov 2023 12:39:05 GMT
i
ivccf.ivcbrasil.org.br/
43 B
461 B
Image
General
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1700825945649&e=pv&url=https%3A%2F%2Fwww.otempo.com.br%2Fweb-stories&page=Webstories%20%7C%20O%20TEMPO&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=33&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=97bf27d8-97ae-4647-8e66-cf57d8253110&dtm=1700825945646&vp=1600x1200&ds=1600x2137&vid=1&sid=97dc8c60-b6f0-4027-b3a5-d95150792d7b&duid=628a8658-22f8-4389-93f8-87615056aca4&fp=3406993386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.97.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-97-67.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 11:39:05 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&id=13b21af91ee30c393f9418b68710%7C0&acc=67531&tit=Webstories%2520%257C%2520O%2520TEMPO&url=https%253A%2F%2Fwww.otempo.com.br%2Fweb-stories&upd=1&new=1&h1=Webstories%2520do%2520O%2520Tempo
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82b15e90ada221d9-MIA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84592490782
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=84592490782&google_tc=
  • https://sync2.navdmp.com/sync?prtid=2&id=84592490782&google_gid=CAESEAhn24O4tsOjcz_9uKejRA0&google_cver=1
6 B
80 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=84592490782&google_gid=CAESEAhn24O4tsOjcz_9uKejRA0&google_cver=1
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82b15e922e8d21d9-MIA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=84592490782&google_gid=CAESEAhn24O4tsOjcz_9uKejRA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=6f8b6560-8b5a-4400-806a-9c4e71bc9164
43 B
129 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=6f8b6560-8b5a-4400-806a-9c4e71bc9164
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
82b15e91be4621d9-MIA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 24 Nov 2023 11:39:05 GMT
Server
MT3 1143 599e619 master iad iad-pixel-x23 config_version:"1605"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=6f8b6560-8b5a-4400-806a-9c4e71bc9164
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Fri, 24 Nov 2023 11:39:04 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
91 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.otempo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:39:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Fri, 24 Nov 2023 11:39:05 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.87
content-length
344
content-language
en
collect
x.clarity.ms/
0
297 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.otempo.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.otempo.com.br
Date
Fri, 24 Nov 2023 11:39:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| _qevents function| clarity object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| __NUXT__ function| fbq function| _fbq function| quantserve function| __qc object| ezt object| _qoptions object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| Hammer object| FontAwesomeConfig object| ___FONT_AWESOME___ object| core object| _sf_async_config object| $nuxt undefined| google_measure_js_timing object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY number| BOOMR_onload object| GlobalIvcNamespace function| ivc string| o object| a object| b function| Navegg object| naveggReady object| nvg67531 function| nvgGetSegment function| ltgc object| Snowplow

29 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: f2e208c4ecc54ab0993c7e48f017bd25.20231124.20241123
.otempo.com.br/ Name: _ga_F1R8GNWX4Y
Value: GS1.1.1700825944.1.0.1700825944.0.0.0
.otempo.com.br/ Name: _ga
Value: GA1.1.1765295352.1700825944
.otempo.com.br/ Name: _ga_1VXJ83ESPC
Value: GS1.1.1700825944.1.0.1700825944.60.0.0
.otempo.com.br/ Name: _clck
Value: gv2thq%7C2%7Cfgz%7C0%7C1423
.otempo.com.br/ Name: ak_bmsc
Value: 9DF17413C0262707140EEDC58077799E~000000000000000000000000000000~YAAQngLeF2s6MrCLAQAA41IgARUKjvHcc9sMl/IMayrDvGz6u3eQFcaZIuHZ/Aj4R/osy+s+OefenYT+obCcHh/JVLXv9M0yNSCx3IfEMw9W0+D4cW+i7AUUKh8beWtZqvXdqadPnErT0WovsHP0O6h1KxaVxih/owU5KXLmro6SGv9QIWimnACdWSphs/xZ5Ginv5drGTN1icVKpkFson2rIIILSpof1opaN0e4pwJEOkJdv58sEhn8Mt5A0a1X++3rXFs7KF8M8uYKD64z61kve7sCay3uOiCfUlbZJ1RabezYbKyTCbN+5QKNaN8BwMx4JybhvbKnWWz5NtiZm0Ca0WPuGTGtoQ1vsjDimwcEFvDqgwYz10qVRr1QTnptEVfPxgPjB9OovRu1ARbE/iCEwqE1cmZ4eO9kV8c=
.otempo.com.br/ Name: _cb
Value: CJdjQgDkemvpDyvO-Z
.otempo.com.br/ Name: _chartbeat2
Value: .1700825944966.1700825944966.1.CilDZcBJYuNDBNKRlFBB-IBkDVu8Wk.1
.otempo.com.br/ Name: _cb_svref
Value: null
.quantserve.com/ Name: mc
Value: 65608b59-02bc7-4fcb7-a7525
.otempo.com.br/ Name: _fbp
Value: fb.2.1700825945039.1524149691
.otempo.com.br/ Name: __qca
Value: P0-1961615168-1700825944393
.otempo.com.br/ Name: _clsk
Value: gjrrm2%7C1700825945372%7C1%7C1%7Cx.clarity.ms%2Fcollect
.navdmp.com/ Name: ac3
Value: 1
.bing.com/ Name: MUID
Value: 195E0B13ADBE6CB9256F18C0ACD26D5F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 195E0B13ADBE6CB9256F18C0ACD26D5F
www.otempo.com.br/ Name: _gada_ses.6032
Value: *
www.otempo.com.br/ Name: _gada_id.6032
Value: 628a8658-22f8-4389-93f8-87615056aca4.1700825946.1.1700825946.1700825946.97dc8c60-b6f0-4027-b3a5-d95150792d7b
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 195E0B13ADBE6CB9256F18C0ACD26D5F
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.otempo.com.br/ Name: privAu
Value: 0
.navdmp.com/ Name: nid
Value: 13b21af91e395e5af60bff8d1210|1|354
.otempo.com.br/ Name: nvg67531
Value: 13b21af91ee30c393f9418b68710|0_329
.mathtag.com/ Name: uuid
Value: 6f8b6560-8b5a-4400-806a-9c4e71bc9164
.yahoo.com/ Name: A3
Value: d=AQABBFmLYGUCEA7ALn7F1Voq9DQpV3SHY8EFEgEBAQHcYWVqZdxH0iMA_eMAAA&S=AQAAAgGRbP0ASsXBcJFmFMRhzeQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkgoIFoh8unK7cvm6VtbDA6D9cgyOe-PsUC_SZwyYgL2R6SVqkUNFK5q_Gjge4

2 Console Messages

Source Level URL
Text
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.otempo.com.br/web-stories
Message:
The resource https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&family=Montserrat:wght@400;700&family=Roboto:wght@500&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
ivccf.ivcbrasil.org.br
ping.chartbeat.net
pixel.mathtag.com
pixel.quantserve.com
rules.quantcount.com
s.go-mpulse.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
ups.analytics.yahoo.com
usr.navdmp.com
webstories.otempo.com.br
webstories.us-east-1.elasticbeanstalk.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.otempo.com.br
x.clarity.ms
172.253.115.155
20.114.190.119
20.125.209.212
2001:4860:4802:34::181
23.21.145.80
23.50.124.206
2600:1408:c400:188a::11a6
2600:1408:c400:27::17da:da9e
2600:1408:c400:27::17da:daa1
2600:1408:c400:790::11a6
2600:9000:201e:8600:6:44e3:f8c0:93a1
2600:9000:24f3:e200:18:1fcd:353:c61
2606:4700::6810:cf3
2607:f8b0:4004:c07::cf
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::9a
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:bdf::38
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.225.218.10
44.236.97.67
54.84.191.183
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0d068359b0e39d4791c39f6381123db00e5e81ef30c4317347421a221fd39a36
0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470
1446361dd211b0bedf24be297466ffcc55ac633ceb0405754b1f3cbe83125583
18847b86a7d5fff36ff7dacec08df447e407a78f2b1189c49fffa11ddb6aa9db
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
277c220f83f94e26ce8f2388181e3f186cc75e40d3862c6b777d2be46f25d36d
2d3406b8396c56a4d4aae15c07baddb40d2d13e0968b23a54255485c61a19410
2e15be040d6fd80cc10365ff472ebe8e7e400bc09b935005fa252c9a1842e91e
2ea92ddf247db08544f20e56830d7977cc6da9d79f79d58e42ff4f9312153c5b
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
48bbdcb7d107c0581e70dae6148a8d150bd74701a080a9e73ae6f2bf7ac81b05
5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984
62f5083bfb2db73035117ce226e61eb9b3a70d6ec89246788160eb3dffa5465d
63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90
6480fa77e9154bfbb92772a9e36206cbb2f9a0656f568ef46cc757d3b4845553
64a5589fa5d5d7ca7d4691fa0ab31f4aacd3544e8287e871585746a29c5a58e1
6d9158a8be907eaaf61aed88a2f3148c8bec552dba99a04cd4d3b39a9930dfc4
768b0b2946f231db309560d2478dc1110b09104d5f721020ea2569e313d1f176
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
78d195a6a81d62518d08db5be2a47e5f60b115bc7850e300c2deed574fc35a3b
795ca227b8f9c8f5091681e8b3669218832c62cf19c4badafe112e87276d3e24
7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444
7aeb70851ddbc23d920e6b153f9debcb6ee33ca6f0b2f504a6e4ab7306d18fba
806e284a775dfba747ddc0e5e1782884902fda97815948ee295bbebb1a324139
899f8bf417ac18c7817e643f1d50d1e5aee2be2307db4f4124f49c345113a10d
8a9804250cc0e0039b709e7d32fa3b4bdaadb401b18ac183de9baf87788e2efb
8e6d146b8746d72a7b40278237a172bf47c6d04585f1cc93485e36eae6e4f2c6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
936a0c43f3d6717d751839d51372407166b21f6ba23efbc7c3bdb60c00bc8874
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd14e25e57db523cafe4cb6dfdd074f5fc1ab6c9fce31bf327d415cc16f9947
9d33e354efd2a224b4e48e884c854c257a7ee286532fa8e6200516fe82f59810
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22ba8ea345fe27744f1d6d544bf31b937234815977423ef68e15470dd5a9976
a76fcbfb57b8f54928af0b95230b23d0569a864ba8b508275dd099ed14b00390
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
bb213ab6002100e2541d3c45d40e0eeb1252f302945f03dd065a242555cfc291
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2
c1d6c6fdd3d974571797cb8cf39959cb7093c7850e526c44f68a2d2fce54d959
c2223cea1ddaa70ecee0376ee00f685964058f973ecf29ee6fb6f969100d378f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e628e44c6c55b106b85f27aa1e47edd3665d8f406585c7c75ff1e23bd0970abe
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e74f4f8b944cdb9791942c185f35ef4587c6c3eff02914d55ba1e435118c9f00
e93958e8fb369e63474470c373886b612ef4bad14360c1f99ee5543522145349
f2040b7ef8ed56da2aa96d26213c2f812bd79af7dd24184dddff12265ea8fdbc
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f8baeab28817473b280863cba09abd1358c8d5182ea5185ec9ad62aa58e393e2
fadd7cffcf66546d448933935e8ef1584cdcc380d317bc84e17907dc00ac5d98
fec8002a9db21473e32ac50b0d8f70256e2d6c22e72a7acfde96146ee296c1e4
fefae9fc22d8cc8e521183d8957052fb3c35234a3850e6d815f7734821ab9e0b