es360.com.br Open in urlscan Pro
2606:4700:3035::6815:5c4f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://es360.com.br/
Submission Tags: analytics-framework
Submission: On April 21 via api (April 21st 2023, 10:15:21 pm UTC) from US — Scanned from DE

Summary HTTP 286 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 63 IPs in 8 countries across 44 domains to perform 286 HTTP transactions. The main IP is 2606:4700:3035::6815:5c4f, located in United States and belongs to CLOUDFLARENET, US. The main domain is es360.com.br.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2023. Valid for: 3 months.

This is the only time es360.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3035::6815:5c4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 40	200.147.4.47 200.147.4.47	7162 (Universo ...) (Universo Online S.A.)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 7	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
6	2600:9000:20e... 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:a00:1:aa11:940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:c600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.240 192.229.221.240	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
15	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:225... 2600:9000:2251:4a00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:b600:1e:82d4:d9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.21 65.9.95.21	16509 (AMAZON-02) (AMAZON-02)
1	100.25.247.168 100.25.247.168	14618 (AMAZON-AES) (AMAZON-AES)
1	81.17.55.112 81.17.55.112	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	3.69.213.122 3.69.213.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:7000:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 3	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	186.234.127.82 186.234.127.82	7162 (Universo ...) (Universo Online S.A.)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	52.71.154.29 52.71.154.29	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.194.101 35.186.194.101	() ()
2 2	151.101.2.49 151.101.2.49	() ()
1	162.19.80.91 162.19.80.91	() ()
1 1	54.72.3.113 54.72.3.113	() ()
1	104.111.217.14 104.111.217.14	() ()
1	2a04:4e42:200... 2a04:4e42:200::300	() ()
1	54.154.227.90 54.154.227.90	() ()
2 2	52.212.178.201 52.212.178.201	() ()
1	15.197.193.217 15.197.193.217	() ()
1 2	185.86.138.152 185.86.138.152	() ()
286	63

37 2606:4700:3035::6815:5c4f (United States)

ASN13335 (CLOUDFLARENET, US)

es360.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 200.147.4.47 (Brazil) 1 redirects

ASN7162 (Universo Online S.A., BR)
PTR: alunosonline.com.br

radios.band.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.band.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubimg.band.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2radios.band.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:a00:1:aa11:940:93a1 (United States)

ASN16509 (AMAZON-02, US)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.240 (United States)

ASN15133 (EDGECAST, US)

user.band.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

api.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:4a00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:b600:1e:82d4:d9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

privacy-sandbox.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-21.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.247.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-247-168.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.213.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-213-122.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:7000:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.185.99 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 186.234.127.82 (Brazil)

ASN7162 (Universo Online S.A., BR)

evpp.mm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.71.154.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-154-29.compute-1.amazonaws.com

as.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (None, ) 2 redirects

ASN- ()

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.80.91 (None, )

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.3.113 (None, ) 1 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (None, )

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.227.90 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.178.201 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.152 (None, ) 1 redirects

ASN- ()

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	uol.com.br 1 redirects radios.band.uol.com.br www.band.uol.com.br — Cisco Umbrella Rank: 191026 pubimg.band.uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 97942 privacy-sandbox.uol.com.br — Cisco Umbrella Rank: 191250 udr.uol.com.br — Cisco Umbrella Rank: 133315 api2radios.band.uol.com.br tracker.bt.uol.com.br — Cisco Umbrella Rank: 118043 evpp.mm.uol.com.br	2 MB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	1 MB
37	es360.com.br es360.com.br	2 MB
31	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	243 KB
15	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 25684 usr.navdmp.com — Cisco Umbrella Rank: 29308 cdn.navdmp.com — Cisco Umbrella Rank: 8329 sync2.navdmp.com — Cisco Umbrella Rank: 57742 sync.navdmp.com — Cisco Umbrella Rank: 16665	13 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	178 KB
8	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 acdn.adnxs.com — Cisco Umbrella Rank: 806 secure.adnxs.com	24 KB
7	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 84505 me.jsuol.com.br — Cisco Umbrella Rank: 115426	209 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	341 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 322	181 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3572 onesignal.com — Cisco Umbrella Rank: 1047 img.onesignal.com — Cisco Umbrella Rank: 7319	100 KB
5	cazamba.com api.cazamba.com — Cisco Umbrella Rank: 362951 as.cazamba.com — Cisco Umbrella Rank: 371798	37 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	2 MB
5	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	343 KB
4	tailtarget.com 1 redirects m.t.tailtarget.com — Cisco Umbrella Rank: 204351 d.tailtarget.com — Cisco Umbrella Rank: 94993 d.t.tailtarget.com	7 KB
4	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1275 eus.rubiconproject.com — Cisco Umbrella Rank: 798 token.rubiconproject.com — Cisco Umbrella Rank: 795	12 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	59 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607 fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com — Cisco Umbrella Rank: 520	160 KB
3	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 2029 sync.smartadserver.com	2 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4642	27 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	610 B
2	smartclip.net 2 redirects ad.sxp.smartclip.net	700 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 442	378 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 218	3 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	844 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171	72 KB
1	adsrvr.org match.adsrvr.org	265 B
1	krxd.net beacon.krxd.net	337 B
1	taboola.com trc.taboola.com	372 B
1	bluekai.com tags.bluekai.com	227 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net	204 B
1	dyntrk.com gu.dyntrk.com	344 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	31 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	110 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1405	621 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1521	201 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	46 KB
1	band.com.br user.band.com.br	3 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2090	15 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	601 B
286	44

	Domain	Requested by
37	es360.com.br	es360.com.br
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net es360.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
22	pubimg.band.uol.com.br	www.band.uol.com.br
18	pagead2.googlesyndication.com	es360.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
17	securepubads.g.doubleclick.net	es360.com.br securepubads.g.doubleclick.net www.googletagservices.com
16	www.band.uol.com.br	es360.com.br www.band.uol.com.br
8	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	securepubads.g.doubleclick.net es360.com.br
6	sync.navdmp.com	www.band.uol.com.br as.cazamba.com
6	tm.jsuol.com.br	www.band.uol.com.br tm.jsuol.com.br tm.uol.com.br
6	ib.adnxs.com	2 redirects googleads.g.doubleclick.net www.band.uol.com.br acdn.adnxs.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net www.band.uol.com.br
5	evpp.mm.uol.com.br	www.band.uol.com.br
5	s0.2mdn.net	es360.com.br s0.2mdn.net googleads.g.doubleclick.net
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com es360.com.br
5	www.googletagmanager.com	es360.com.br www.googletagmanager.com www.band.uol.com.br
4	tag.navdmp.com	es360.com.br tag.navdmp.com as.cazamba.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com api.cazamba.com
3	as.cazamba.com	api.cazamba.com as.cazamba.com
3	tm.uol.com.br	tm.jsuol.com.br es360.com.br
3	onesignal.com	cdn.onesignal.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	static.addtoany.com	es360.com.br static.addtoany.com
2	sync.smartadserver.com	1 redirects as.cazamba.com
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.sxp.smartclip.net	2 redirects
2	eus.rubiconproject.com	tm.jsuol.com.br eus.rubiconproject.com
2	gum.criteo.com	www.band.uol.com.br
2	sb.scorecardresearch.com	es360.com.br
2	m.t.tailtarget.com	1 redirects www.band.uol.com.br
2	cdn.navdmp.com	tag.navdmp.com
2	usr.navdmp.com	tag.navdmp.com
2	api.cazamba.com	www.googletagmanager.com api.cazamba.com
2	www.gstatic.com	www.band.uol.com.br
2	googleads4.g.doubleclick.net	es360.com.br
2	www.google.com	es360.com.br tpc.googlesyndication.com
2	www.google.de	es360.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	es360.com.br cdn.onesignal.com
2	fonts.googleapis.com	es360.com.br securepubads.g.doubleclick.net
1	match.adsrvr.org	as.cazamba.com
1	secure.adnxs.com	1 redirects
1	beacon.krxd.net	tag.navdmp.com
1	trc.taboola.com	tag.navdmp.com
1	tags.bluekai.com	tag.navdmp.com
1	sync.crwdcntrl.net	1 redirects
1	gu.dyntrk.com	tag.navdmp.com
1	d.t.tailtarget.com	d.tailtarget.com
1	d.tailtarget.com	as.cazamba.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	tm.jsuol.com.br
1	imasdk.googleapis.com	api.cazamba.com
1	cdnjs.cloudflare.com	api.cazamba.com
1	cdn.jsdelivr.net	www.band.uol.com.br
1	tracker.bt.uol.com.br	es360.com.br
1	api2radios.band.uol.com.br	www.band.uol.com.br
1	ups.analytics.yahoo.com	www.band.uol.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	www.band.uol.com.br
1	udr.uol.com.br	www.band.uol.com.br
1	prebid-server.rubiconproject.com	www.band.uol.com.br
1	prg.smartadserver.com	www.band.uol.com.br
1	ping.chartbeat.net	www.band.uol.com.br
1	script.hotjar.com	static.hotjar.com
1	privacy-sandbox.uol.com.br	es360.com.br
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	user.band.com.br	www.band.uol.com.br
1	static.chartbeat.com	www.band.uol.com.br
1	me.jsuol.com.br	www.band.uol.com.br
1	img.onesignal.com	es360.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	radios.band.uol.com.br	1 redirects
1	ajax.googleapis.com	es360.com.br
286	81

This site contains links to these domains. Also see Links.

Domain
www.es360.com.br
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.es360.com.br GTS CA 1P5	`2023-04-02` - `2023-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.band.uol.com.br RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.jsuol.com.br Amazon RSA 2048 M02	`2023-02-21` - `2023-10-01`	7 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
band.com.br GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-03-03` - `2024-04-02`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.cazamba.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-11` - `2023-10-12`	a year	crt.sh
*.uol.com.br Amazon RSA 2048 M02	`2023-02-28` - `2023-09-03`	6 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
uol.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-09-21` - `2023-09-21`	a year	crt.sh
*.mm.uol.com.br RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-03` - `2024-03-02`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
*.dyntrk.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://es360.com.br/
Frame ID: 8771C7411933C8B498CED752B600E3C1
Requests: 81 HTTP requests in this frame

Frame: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Frame ID: 42A28C38E58151F0003CDC609B411CBE
Requests: 88 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 134967E81FCE953018B011E2AEFBD6A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: A75794BF760E7BFE588626B2A6310A04
Requests: 1 HTTP requests in this frame

Frame: https://9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B037B13D4C7CBAB12638C7722184A211
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2682241521928042&output=html&adk=1812271804&adf=3025194257&lmt=1682115313&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fes360.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682115313443&bpp=3&bdt=349&idt=280&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1577840248726&frm=20&pv=2&ga_vid=2119238327.1682115313&ga_sid=1682115314&ga_hid=1832817214&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074011%2C44782466&oid=2&pvsid=1331977944447861&tmod=1448930538&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321
Frame ID: 58A0DC5A7992C3B784F5788378A92814
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7h76YXdNoOEkUhiHcdMZ5mwhWTu5ry4590RcjnLjdWjmIfGhRpmWshiW5Uqk9THlD1s6Vil2il3L4AQ1H8khVvWd3QE66YDXwSoPNhv2tRE3ZqOMo1EgOHyCJHkJ0259N8ceovxuCvht3eaqhZnMa9u4clP_sBdRVvnERtE7dacDLBaWhasdx51plo-5AZtaowlaVLo27Ew-Or61jLCvO1yxOZcpUsbOkE1owpwEXHR0GBky8VrSStcmN064aIy9_cN14AfM1I3SKyUBjkGqXAFdJZqEr_QptQv4Ud3ZrUrY7nJDbbaQRl7bOzi1MIAF&sai=AMfl-YR0N8kwL1lGCPC5G7unpb7z6sYvetMKH_zweXdRHSjwjDjmTIyXxkbBnew6cFkn7xc0J_dJJnLpgi6C_1pmfs_05tVP-9jAkuls7MpxtVCUmOvuqe2KlvhZVbmPp8bErSYontVv61EUrzEtLOiy&sig=Cg0ArKJSzBPiPtpKFHexEAE&uach_m=[UACH]&adurl=
Frame ID: F938BAB854FAA9810050738D62CA71EA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2JoM_YO7PmrNufbLgeDciYwgjKT5SzV35w1DQG3VESnypKZnmOLU0zYt-H1DIsWnAB2qKdFfAC86a1dvQvIQcRa_bPjToZSQnB3ImAuSQbhzQ2bIPmtutxpVcb-2QsMtFiKgH4hynhP4iXf1Lqfo9YTZLiiw0JqFnQd5Zs3hICLWbABI8ZSIfvj0UvswrXctu_Jb9rzmqP7gMBuJTrwi7_QynhnKsNNYzmrajtcLtKD1lS7MKM9g0e3clDPI6c17PUlChCNqkFywoAw41DzhSgwoxarQirP-ILYCEqBa0cZJpQSiFnOcJ2AQiYlCm8VxC&sai=AMfl-YR2hShR8Di_9A2k4tyQN2XDpuGRaDFTeF5Q_gAzUCbJR1B3-9Z23v0MgvOWb5ffmXQ1dPazjkPnZpKnp-pATREinzpeVmlej_xlfE5o8_659yOOo3-sEvFBUcyqxsmoBNLTcLNoW5F4JdTCGD3O&sig=Cg0ArKJSzMaCca9Y2WrxEAE&uach_m=[UACH]&adurl=
Frame ID: 0E34EC0FF77A309A8BE330AFF3858BB3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYzRkshy3K8x-Sej6KdcTnnc5HUGimxku-7Ep6ThX7krhpZgb0pdnUkarKnGv5gILXJHdshfuhaZp5XftXk8NtP1OpCsi8hQRI6_qFM3TGxzRLSzc6NvpwZu2o1ZHWSlecEtBxbWk89mQnnPKqKrtkAIpnfnU77n6pGJOFBEEiJFovNtpeKIkalhMorjkcnur2i2i3AVs1utJuQhMt16sFlzw0c36nIozy15RKNEkxsJ9Vtxr-2DiOU5fMtMrnBSZYMkQHkpIvV-O1zkKY7EI0rajHCk9o1ORCCB9ys0Nxvbt7feIKs5TaTPWuAkYcIgzt12Pvrg&sai=AMfl-YTkHK1Le4ytRUgWb5PPErkIIzr7Td3caPVRwFQUeibcD-NLIS6okbTXfbZB75CRnWUFb6E_qvu5z7dYNbx1hn3P-75XBuKMEK2HY8Yl8JCT44qNgg2VeLPh1VzTQZdY92pj8AQj00U-kytEK2Ry&sig=Cg0ArKJSzFJ_hD27qgf4EAE&uach_m=[UACH]&adurl=
Frame ID: 9247D7AE509CC36807FBB0F9050698AE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJXRFJpmrZhiAE0MPh7sSHibayZkH-gUq_CmbPlZ-WpkFnFObu70z4ai7DgphfxbzSw7j_qknYpIIxqgK7ETKat1-seCuSu3pAQ8n_qI7czyitaA3Xpfqlkg8PkLj_1sRpgwleiwEJjPJgyWpSds8Sgg_T0REr2rka7ZtwfYMXtcXqR3CgtY_I5VLdmyPO3fzSxSDb1LR2Di_beaGWJUkrLPaZFtDCsJ9cPSi6GrY3xVAPOTFZEDq02DNvCteqx1rX3edwuC1kiiefTyjTDwYMMlIcjysm9AIdDflmtWXsusd_Nj8CTfRkoufm2pKSgXMZSg&sai=AMfl-YSJO5DsGD_WeEnrXHycYlYbcA1Ttd2bW1ep04thgqHCUIiRYexPdgbwTS5vDn3ZefaAKl_1KDTKP6_H3sEZH4PEMC5Fao2O5LbIFwjcwUo643xN5EGe2M0ar789Ly4HN1exRAvmW_F_zk0eS4tj&sig=Cg0ArKJSzP4W7gPUucenEAE&uach_m=[UACH]&adurl=
Frame ID: D7AEA87BC1B97A5A033C767CC927C853
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXrz5_-uXH0OE5bww0RfXs7n2XcJXEN7QQDXDEfdHXWyOFSlX3w6N4Rumf329eQeSdpJZgS7P2YyvT0uhlhe9fksYhXNSkR_9vLJJU66rigdx2y-g-j4saoURpJHLkFv7jadJUnUP6wlMMUqVZhNhVgkMJG-SXsLagBP21a9vLMrFRMCzcVgz0sM6Lt5dMkqNNIqwXWA_Z5KWbMLD8kBMsa5ts-rKoi69EdHeroll3YnLAw_3tN98xrwDUXI3TgJu8GaMGUUYvlhf4Oh6-vi90JvT4f33Vd8t25mq_7anF7yi4DHWkmZ9JsCZFVCr-7-8I&sai=AMfl-YTVCIana_Ej5kA8QRPBw0anGRweZaouuUwQUcHcBICJbqqRYGn3u2K6qNXbdDEFFlOBwvqTl-Uoopsbyxc4xjKaVD9UYjcYLA7E92Gx01sXpsEUmNGmHcO3sJBDtInYBHcDfbN-lvSbDpkWftFQ&sig=Cg0ArKJSzCopC_gLhp67EAE&uach_m=[UACH]&adurl=
Frame ID: C8CDC0B0E2C3DF248F70CAFAC3ED798D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5QNOa-E0YnWcpyfQgJeSuGd4wwY1yQqb-Q-rSfA1_z5cn-iJIxYqDW2Pa-9BCL7ICTvd4w78PQhactB5EMQPHoap-zBUGgZumUfw7CIv9Ek2Z97eHvzNZLn1QuJIsmEpX_WizEtQJ3_JV5Tp_ZjafyynLRS0eLJop4uW8S_etdptcRGBVi3Q0VBMNjXqCknv7n8ZlwWVbyQn3D1-Cl4eUY-kz0Y64uOlBRjbEEPA6u2pPZeQ-eL7HoTaymn7WYyw2587KiD2tPP7klaS1J_e88BFfLF3DhCx2PUOFsPk6t8rXHIXYv0RQSd_DGjZ9pkjcUnlQKA&sai=AMfl-YSKM2wLbV2oK3Vxo4yiycWkcLFKB3Dl5uFMsO-0rrKCT3uv5tSQWlHcGEjOoxw3klhcbIxaELMu9DQ561rRmEWToUr045jaEG8xh_QSlV2xD3qKr4mpLJQKJcdVWDeq8Eo_SvSSGSb7x_BJiEYp&sig=Cg0ArKJSzCDmDf9pqoLUEAE&uach_m=[UACH]&adurl=
Frame ID: BFE62ECD4E93C5A5C56E083250C515B7
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: D0C5418F250A13D4DE6BF96B881C1B54
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: A89405BB161045ED469091964B6943B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNX62-2TcgKygBlLqXT9piNmEKRL-CT8SbonHEmx3yT_mMWmar1dtRrD0irQKTuDlJQomR5wvxjHEsqgI9nrA1E6_U8dW1TTqhrPmT5XZ0EENM1NgOiIWAV3Mv7izy4_U8drviQ6C7YWaoHJvXrcB-StFiyS8Oq7nekQij5s5Vcl2_CjOPY
Frame ID: 5ED00BF8BA872A5B019444428D1654C3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3AFEAEFE670161426FFD9B02064C4765
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C0AFEDF8EB321DC1597FD97FFB73C8F2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Frame ID: 2CCE92BB9C067EEC3B8455474D7E41A3
Requests: 4 HTTP requests in this frame

Frame: https://user.band.com.br/rpc.html
Frame ID: 3909B7AA10D484871C4CA7A55258B6FF
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: A66096742640D393B9074E9A0D2B2CC6
Requests: 2 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 845AB575DDC8BF0A579F08663768CBB6
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: B627B595216DF63E58A4DC226E980E79
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 502F6A1D986A9EE7B504857E820883AA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 84F53733F4CE12B10159B82344ED8663
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0AC975B27372150364E4D04512A1A239
Requests: 3 HTTP requests in this frame

Frame: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Frame ID: 884381F37D549EFDDBDEFF306EBFF558
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7E878045F1686F7C8F663524DEE775C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FB81EF1C157D97CB93584C6B3F50596
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - ES360

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

286
Requests

95 %
HTTPS

53 %
IPv6

44
Domains

81
Subdomains

63
IPs

8
Countries

9791 kB
Transfer

17424 kB
Size

31
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.es360.com.br/
Title: Editorias

Search URL Search Domain Scan URL

URL: https://www.facebook.com/es360portal

Search URL Search Domain Scan URL

URL: https://www.instagram.com/es360portal/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaajX_ny8jHqZLdRyZU-nKg/featured

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://radios.band.uol.com.br/?radio=bandnews-vitoria HTTP 301
https://www.band.uol.com.br/radios/bandnews-fm/vitoria

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMK8lpm2qeGBfsqgRdepQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGr0zYWAwO-HBVlOpxL0Ysw&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyOTU2MDg5MDQ5OTA3MjE1Mg%3D%3D

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79837000997 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=79837000997&google_gid=CAESEIp6LmAt9rWeLicT-RAaDq8&google_cver=1

Request Chain 232

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=01096443-0af4-4900-8cc0-9431ba3fe1e7

Request Chain 233

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 234

https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a?check=1

Request Chain 277

https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
https://sync.navdmp.com/sync?prtid=25&sclid=fb6ec8df-f80a-4364-5ae7-5466189ad19d

Request Chain 278

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZEMK_AAAAIBxBABL HTTP 302
https://sync.navdmp.com/sync?prtid=17&tubid=ZEMK_AAAAIBxBABL&_test=ZEMK_AAAAIBxBABL

Request Chain 280

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=79837000997?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.navdmp.com/sync?prtid=38&lotid=

Request Chain 284

https://dpm.demdex.net/ibs:dpid=822&dpuuid=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fid%3D79837000997%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fid%3D79837000997%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?id=79837000997&adID=44781267808879441841565905763096101630&img=1

Request Chain 285

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
https://sync.navdmp.com/sync?appNx=4729560890499072152&img=1

Request Chain 287

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

286 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
es360.com.br/ 180 KB
27 KB 738ms
442ms Document
text/html 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0277965a25f47657bbf590697b5606d5b26d0d77fa743ca21af79d460584c726

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bb8fc001d6e9bd4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 22:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=379yRPmH%2Fuso%2BHLzgcfR1eQt%2FEPulFdMM70s%2B3aBNbO1WFdJGVj9%2FiQXzNCoLF4kiuYYMmX%2FdHWSiK4FBNAkgClRx0jXTK9ON6u4Vhi7ABw%2F0UECCqA7BYv4d38cMkJe1a0xkzeq%2Bi54ah4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
es360.com.br/wp-includes/css/dist/block-library/ 40 KB
6 KB 37ms
32ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jun 2020 01:19:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"5ee18685-a055"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwli7%2BklB4pHF5veT11PiKQfnre%2BaxrDArRreXlVm%2BX8XGojqyw%2BRAOJN30j4cRaYDOfMI4bLYiFM6E9GKduCivpsiXh%2FBKHMuO0cTWGH4665SFE2r1i3zbq4l8Nb%2FqbJi6W2IyFNd3U%2F1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9089bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 styles.css
es360.com.br/wp-content/plugins/contact-form-7/includes/css/ 1 KB
967 B 33ms
29ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e630ade354fa3ff25b807125e0daeb20fbb73e708633c6f2aa51b2ecd312fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=1746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 17 Jun 2020 01:13:38 GMT
server: cloudflare
etag: W/"5ee96e42-6d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg9aDpY0867Zf%2BSfaouWk4V8OtAtAWOsh6r%2FgO7aqIzpAEWlmiK5y0CyfTBz%2FhhHPQ9WTKRvPCSRVIzTTvl7LxCt4Hm3txzPQ0Ce2kYJwvnbryPXgB32Ycwn1w2I992FsvYGbvjlVhBxASM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9019bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 foobox.free.min.css
es360.com.br/wp-content/plugins/foobox-image-lightbox/free/css/ 29 KB
5 KB 43ms
38ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.16
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Mar 2021 04:32:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 199862
etag: W/"603c6e64-7312"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20bzAv%2FklwLUOKa6GfTGMFrH2RyXyjpsP84113T6QOSxUFjDl8hKhniQG1%2FuxLVAmHSUmme5sArB7onc90LhBHdvi5Wm3DekansO%2FRrr%2BN3GoyApvwZ8tB3OdrjHXc6ctyo4mQMMCrKk6qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9039bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 19 May 2023 14:44:11 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
36 KB 97ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=5.3.14

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:40:26 GMT
x-content-type-options: nosniff
age: 135287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36536
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 08:40:26 GMT

GET
H2 200 style.css
es360.com.br/wp-content/themes/zox-news/ 106 KB
18 KB 37ms
33ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/style.css?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0102d374bd3f3744190b2c7449784dd29f78679fe61017c82ef35b788087204f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=131496
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 21 Jul 2021 19:57:05 GMT
server: cloudflare
etag: W/"60f87c11-201a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FD02Q8ZEhY%2FD1m1x8EWXcbEjqgMRIskjcOoNC0QaYIxqNqGrvK7l5Qaprc63NxlOAdnlUosCcuLFEUxUQ39OjtgbKHRQ5%2FryJIUWQ7UOkdSczZmdyOU1TUNHd3MMEBlw1sDWWFDzgKvEIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9049bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 reset.css
es360.com.br/wp-content/themes/zox-news/css/ 765 B
770 B 33ms
29ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/css/reset.css?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb9bc1bc78d90f71123333c57089c68c1d8133c8762ddf3cca8684f9a04c9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199861
cf-polished: origSize=1082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: W/"6098ebb9-43a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQywwq7ujK31l4Ek5YEpMy13W2iONz5Tn0OR4NpcqasFhE0cGmWpiFIjQsdH2Tu%2BMvoKJzW2FFJ0V32agXVYIi1lv7I98jYN%2BcolgQlJXXoZDClfLAi35JJkU6xwUOBs0KbWv6RLurRpLps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9059bd4-FRA
expires: Fri, 19 May 2023 14:44:12 GMT

GET
H2 200 font-awesome.css
es360.com.br/wp-content/themes/zox-news/font-awesome/css/ 28 KB
7 KB 59ms
55ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb431b26a33e5c082aac8fa0bf7538e6a49407e7a7cb51f84c3b5a8f7758d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=35134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: W/"6098ebb9-893e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXlHEY4y8Cj%2FYDnJG0Ga7rWccn3z15VH4EtFjIETRdhFlSopilYVoiU4COkBX3hAIIx842bQSykU%2FNVlyhhpwwWhuYEbrsjk2dnjJdpasmDTXg%2By9gQXPl5JxVcG1PIv%2BcZ%2Ft%2F4w6XXyPgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9079bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
2 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Oswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPT+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8219d89498c6ff397abb97fcb2e1af38b112c54569c288fa650401c84dc41ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 20:53:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 media-queries.css
es360.com.br/wp-content/themes/zox-news/css/ 87 KB
10 KB 40ms
37ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/css/media-queries.css?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea05cc8ab1b71e68ecfc0c9cd64cf800181f4d8c4589650b2f285ec153341e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90750
cf-polished: origSize=118296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: W/"6098ebb9-1ce18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS6MPbKXZDY%2FzaCcVCo8tVSUE81CNk2xjwe25rRRP0J25epwtGkrLob83sTkvJ6OOxKWYbiwA0YsnH66z6Xkc6Jko7WPTFXKPz6yCJ86avq1WdTZCFR9cH%2FMu0kg8ViaIcWvko1U44B%2F2xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e90a9bd4-FRA
expires: Sat, 20 May 2023 21:02:43 GMT

GET
H2 200 addtoany.min.css
es360.com.br/wp-content/plugins/add-to-any/ 1 KB
747 B 34ms
31ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Sep 2020 00:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"5f557e76-5ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdgPIForTY2yqdKDfAW1NlPXzXPKZGxnaLZ%2B59FJSJZT2sVrvS%2Fb0QTIU5YWQ0lPMd1IkbDLjvqBFvGF%2FTiVajSSHNX3thIYglNiFL9zN2bjXRu%2F4ip%2BkH151PetkX8Ci1hfsjAR2Y3yNOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e90d9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 photobox.css
es360.com.br/wp-content/plugins/gallery-lightbox-slider/css/photobox/ 10 KB
3 KB 34ms
31ms Stylesheet
text/css 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/gallery-lightbox-slider/css/photobox/photobox.css?ver=1.0.0.35
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d495cad6b4d0121b05e9f4cfdf332b4dfdb4de8c175c9fdcbc2025473b84b901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199861
cf-polished: origSize=11466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Feb 2020 04:56:43 GMT
server: cloudflare
etag: W/"5e3f910b-2cca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ7uGImy90hn%2BQNBoKVd0f8dsIGfhIZ3i272VTYknebriaRSbDYQvVQW%2F0ZgdKYJBTZj%2BeB4N0DP7NeWvkcC%2F66fx88auplijD1Woo0hVpV5YthOzTSa4lA7zjetD%2Bj1bVDw9A8F8OHBOQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb8fc02e90f9bd4-FRA
expires: Fri, 19 May 2023 14:44:12 GMT

GET
H2 200 jquery.js Show response
es360.com.br/wp-includes/js/jquery/ 95 KB
34 KB 42ms
39ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=96873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 19 Jul 2019 18:31:41 GMT
server: cloudflare
etag: W/"5d320c8d-17a69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq5crwVO8LD9pqtvYWe92aV8yuI5z5lHIVPSvl%2BJ3mMIQP3XU3Ykjd%2BOcl2vxnoPB02e6jDr59vonRmQ8d%2BS4NV1GVTs1Dg9XflwNpMw3mSzf1cwv60RGRqi9xj8QbSMl0yjM6Mp%2Bc5m%2BAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc02e9109bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 ai-jquery.js Show response
es360.com.br/wp-content/plugins/ad-inserter/includes/js/ 14 B
376 B 58ms
56ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js?ver=5.3.14+2.6.3
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199860
cf-polished: origSize=18
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 20:31:47 GMT
server: cloudflare
etag: "5e4c49b3-12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VD5ojWtouNKOqkejtSVX3oG849CPcdEifg9qClDhvDKr3gvoOoWVuAcUCruw5p2D8kMkHDby1NnduRtDIm8NBsO9%2BwsCzUvc0SSsP5AaC3QEgfFzh0jQTcHfRcsKHFpBFvjaA5Lv6%2B1RSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc03092b9bd4-FRA
expires: Fri, 19 May 2023 14:44:13 GMT

GET
H2 200 addtoany.min.js Show response
es360.com.br/wp-content/plugins/add-to-any/ 129 B
445 B 59ms
57ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Sep 2020 00:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"5f557e76-81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDSphQsUUpT7nklk3devFk%2FBeH6PQXDDa%2FCZIKIZTrh%2FNus1a8WAeB7wtgE0vVMrf3SIBE8s2vSGI7NklVMx0mOW1BGe5X9RsdAgakPP%2FRNAYVtfIRXqfm%2BTDg19WssrpNKOlrIZYHFSIc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03092c9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 foobox.free.min.js Show response
es360.com.br/wp-content/plugins/foobox-image-lightbox/free/js/ 98 KB
29 KB 60ms
58ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.16
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Mar 2021 04:32:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 199860
etag: W/"603c6e64-18804"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeJoo%2B8HjYC%2FkE012IzSTHyfKQQJWwUG4q9pCzCHZImi%2BP9bffP0aCToUKI8ILJfkuGoXhnXouvg9DnNmLAM2pE7WvHjIgEvZBKUd997kSm9ggvyz%2BhyzTWlCFnOw6sPT9Dnr22yb2IZVW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03092d9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 19 May 2023 14:44:13 GMT

GET
H2 200 jquery.photobox.js Show response
es360.com.br/wp-content/plugins/gallery-lightbox-slider/js/jquery/photobox/ 22 KB
8 KB 64ms
62ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/gallery-lightbox-slider/js/jquery/photobox/jquery.photobox.js?ver=1.0.0.35
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 259e21f1c667731ce965e1c0897b071b28a8f5f1bf4581666a17eab6341fa8a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=44420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Feb 2020 04:56:43 GMT
server: cloudflare
etag: W/"5e3f910b-ad84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWC%2B3X4acrqJ4os9oqmmKvxcZouI2VsuDZsI%2FfC4DigTvXKB0yx7OP1e6UMq9DFYzx1dYgXum7ss3ElMHMsa3tsKqWA9xicWIg8cGC0mj9NNmzxp0xAx7VLIvvuwbsvZOTw2MrEhdaNCxrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03092e9bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 85ms
34ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143166139-1

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb9a08faa69a21c3961405a672f0768385ed6f67e9c6fec8a10ee38bb96826ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 61859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 141ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2682241521928042

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d0adab3b3a52b564eefa07cf9505e35e86fc35f2e1b80a99b097092ed031c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48025
x-xss-protection: 0
server: cafe
etag: 1884300470940592574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 201ms
122ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1e3d5bd4743410242ff9ccd03d5284734131d1314b556325108ac9a729139b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25098
x-xss-protection: 0
server: cafe
etag: 973 / 19468 / 31074080 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 jquery.adrotate.clicktracker.js Show response
es360.com.br/wp-content/plugins/adrotate/library/ 199 B
482 B 51ms
50ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Feb 2021 22:39:42 GMT
server: cloudflare
etag: W/"603432ae-16d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbdUogDURMOpjqyV3jfDhR1ZtMO%2BoJ4x35yziupVV4TCkqSXWG5sgm11ifC%2FcIU18xxGl4UksAac4XQLbioDLitxe1OcXp8VpFhSxMS3AFKiAlQe2YstByjjn%2FDrh8uzXFtTcXpTATSVRPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03092f9bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 scripts.js Show response
es360.com.br/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 45ms
43ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.9
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247228df59415e4e428ec3c48eeecf871b509aaeb7d8f2e50818a7ba41c7bc20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90750
cf-polished: origSize=14627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 17 Jun 2020 01:13:38 GMT
server: cloudflare
etag: W/"5ee96e42-3923"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqVAsl6JAmChqUkA%2B1DPlCmh49rMZZZhKef55xm4gGYHjvo3JwvKZQab28U7gveO1Ot46xAg6NkhiRlfDdSPJ1FPNd9sY7QjMCNxtoxrZtrqRYNBsjCnHeUYvEwBtwH4XDfh18IlRwZ%2FTh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309309bd4-FRA
expires: Sat, 20 May 2023 21:02:43 GMT

GET
H2 200 core.min.js Show response
es360.com.br/wp-includes/js/jquery/ui/ 4 KB
2 KB 49ms
48ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 21:18:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"6078adbb-f59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugpHmpNunqdnaZQuxQyvF033xqhDuNQ5YSHPVnBEtBmM46DAgwK3r63v6e71rAOHhqCwuexbPFI6QIQjqzzcxXEz9BYvgENWLZv9zb%2FjLps2%2BJojJ8WBY%2FQC2VedDndr3nLH8waqPQABeUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309319bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
es360.com.br/wp-content/plugins/zox-alp//scripts/ 3 KB
2 KB 50ms
49ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/zox-alp//scripts/jquery.sticky-kit.min.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 08:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"6098f1db-aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i07kICHLU28OWeULty7UK15KaT0EzI6zwsmLnkhu%2BpdDbcq0BLer7t2U73Wpsii3x955iUXYCSaIE3U50WczAUhEJNadJmNe0CKYW4DUOKpWI%2BqxGRcc3ARd85jQeJmLukLK42zU2990sF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309329bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 jquery.waypoints.min.js Show response
es360.com.br/wp-content/plugins/zox-alp//scripts/ 10 KB
3 KB 369ms
368ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/zox-alp//scripts/jquery.waypoints.min.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 May 2021 08:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6098f1db-28ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOAx5wnlkxcJb8HNODAtDVIf9EXiZ%2FAuEDBxV2rBcm4SrvfRpnIE21O0veOxSxkMLRgfYIIo3wVakPczw%2Fl7d7RQ10v73LwsW392dVZgvkaQKeIBFnS0CqQFMSWpZG7e3WEp2PsLAGOwSkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309349bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H2 200 smush-lazy-load.min.js Show response
es360.com.br/wp-content/plugins/wp-smushit/app/assets/js/ 10 KB
4 KB 397ms
396ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.6.3
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Sep 2020 00:27:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f557e56-26d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CgFkMcGhZbbpgfKg3mj%2Fa7W8ErKZpXC8oUvpYfn9WIg4%2FftVuGk1jqT%2F6APmiAv6%2B0T9YyMSPkZMIxG%2BrMhwS8QWsS4qpF4OwcjNh3o1B%2B%2BFhB4M9%2B%2FypnfGervr5a0FHyEvtioN2udd9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309369bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H2 200 mvpcustom.js Show response
es360.com.br/wp-content/themes/zox-news/js/ 0
278 B 44ms
43ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/js/mvpcustom.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: "6098ebb9-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZ2rC3eCixtaViru52IaycOCtSyoxs1fs9gWcVWzkduBCypczFmJP%2F%2F4Lqd%2BGBeKImj50XULk4wTQIAW7vJPzp6oh5Jqyv5a%2FLmxpVDxmoahpoGR0XWbiK%2BAJogLyvsW0tDF7jBAWSe85m8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc0309379bd4-FRA
expires: Sat, 20 May 2023 21:02:43 GMT

GET
H2 200 scripts.js Show response
es360.com.br/wp-content/themes/zox-news/js/ 80 KB
21 KB 50ms
49ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/js/scripts.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57867970db92f0ea2de63c77a9b8ef6e8e46fbdaeb7acea81d26f74a859ce919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90750
cf-polished: origSize=123360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: W/"6098ebb9-1e1e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=In%2BOFEYxI1wGldj%2FHeusSJtJG671oR9M7LgsdgacB29vNPZXTeImmF7gFdqflMSUg2A44C2KUXt5TX2187qtnherXEifqHixoDG%2FgHx4gc3BjFtrRkLCdL1xzogHWskEK51%2FTb1tNpMBaps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc0309399bd4-FRA
expires: Sat, 20 May 2023 21:02:43 GMT

GET
H2 200 retina.js Show response
es360.com.br/wp-content/themes/zox-news/js/ 2 KB
1 KB 50ms
49ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/js/retina.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156032
cf-polished: origSize=3104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 May 2021 08:15:53 GMT
server: cloudflare
etag: W/"6098ebb9-c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtQfm7YE722X8RgJ1gXV0%2B1%2BggiMTcdeIJ7j4xp88C3HT4eRmZSdUlmOzK7ReuL26pja8FWTbMvkyzZtHOmPtw47W%2F52TwL3Uiac8RsskY3Pz%2FzLihj72iF%2Fdx63xvGM261D2taeBqLwicc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03093b9bd4-FRA
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 jquery.infinitescroll.min.js Show response
es360.com.br/wp-content/themes/zox-news/js/ 21 KB
12 KB 49ms
49ms Script
application/javascript 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/js/jquery.infinitescroll.min.js?ver=5.3.14
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 08:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156032
etag: W/"6098ebb9-54c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqBR41995tXWjJR4dz6%2BEmfQSQfIrsWDgOIFSmKVAOgQ9GznZnD0lvB3MGcs15uaQPnnz962U4OhQczU7tvPieAmsLiT6qJtrg3Gum3notGzOvxAZazbbsZwdQl1Hvi3zDMEJs%2B2gug6Y%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb8fc03093d9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 May 2023 02:54:41 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 91ms
36ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.14

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2540
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bb8fc041f946910-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 22:15:13 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 88ms
31ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 96578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7bb8fc041f0c905b-FRA

GET
H2

200

vitoria Show response
www.band.uol.com.br/radios/bandnews-fm/ Frame 42A2
Redirect Chain

https://radios.band.uol.com.br/?radio=bandnews-vitoria
https://www.band.uol.com.br/radios/bandnews-fm/vitoria

178 KB
20 KB

948ms
214ms

Document
text/html

200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 9c01a110177775d4ad4b8936a21234effe64115c01d0a24125a4dfe7e7118b6b

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 221
cache-control: max-age=600
content-encoding: gzip
content-length: 20493
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 22:15:14 GMT
etag: W/"2c9aa-znN+ugLGAfIFkxFPtAZcK4dQ5Ng"
last-modified: Fri, 21 Apr 2023 22:11:33 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
x-policy: PADRAO - V85 - 100423
x-powered-by: Express

Redirect headers

age: 0
cache-control: private
content-length: 0
content-type: text/html
date: Fri, 21 Apr 2023 22:15:14 GMT
location: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
server: nginx
via: CacheUOL
x-cache: MISS
x-powered-by: ASP.NET
x-varnish: 634408196

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 76ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Oswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPT+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:32:55 GMT
x-content-type-options: nosniff
age: 146538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:32:55 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 72590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16372
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 fontawesome-webfont.woff2
es360.com.br/wp-content/themes/zox-news/font-awesome/fonts/ 70 KB
71 KB 384ms
382ms Font
application/octet-stream 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://es360.com.br/wp-content/themes/zox-news/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: es360.com.br
URL: https://es360.com.br/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.3.14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://es360.com.br/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.3.14
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 10 May 2021 08:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6098ebb9-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyNljNhNF3Ov7azzAJbzPQ%2BtQmJmDhF3oUzxgyTBKHbuz6uAj9eXdzWja8Vh3jtEB0DVsYU72tXCb9sX45C2UlC%2BcyWFN%2FGd98DiaoRelXz7YtUIOidhuVEh2hph5vltRdjWaPZ%2FymUpw48%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7bb8fc03db4130fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 92ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 159021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 123ms
74ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 96006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 112ms
64ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 332042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 118ms
70ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 159021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 32 KB
32 KB 98ms
50ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 72590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 1349 677 B
541 B 35ms
34ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 691252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7bb8fc046f51905b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 22:15:13 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 65ms
40ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es360.com.br/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 133959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7bb8fc048ce7361e-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
82 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5Z47YEPCP0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143166139-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

144eb8ab106e18b9914e4fc2ebef53b196edb7ee45a10afad993b7205a43584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143166139-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 20:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5969
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 22:35:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 345 KB
116 KB 127ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2682241521928042&plah=es360.com.br&bust=31074011

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2682241521928042

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55bd20ff64e2c73d4870a30755844dcd63ff4aeb044c3235ce6a8d24b2840b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118230
x-xss-protection: 0
server: cafe
etag: 12146567194652390634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame A757 10 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2682241521928042

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:07:18 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 16:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 399 KB
124 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38355
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Apr 2024 11:35:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
82 B 96ms
54ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=es360.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b4fe8ce5c5ef273ae3e4d0ffd69210706551212761e5a491aa27e9dcb367ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 88ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5Z47YEPCP0&gtm=45je34j0&_p=1832817214&_gaz=1&cid=2119238327.1682115313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682115313&sct=1&seg=0&dl=https%3A%2F%2Fes360.com.br%2F&dt=Home%20-%20ES360&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5Z47YEPCP0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es360.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 88ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5Z47YEPCP0&cid=2119238327.1682115313&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5Z47YEPCP0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es360.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 85ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5Z47YEPCP0&cid=2119238327.1682115313&gtm=45je34j0&aip=1&z=985862739

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1832817214&t=pageview&_s=1&dl=https%3A%2F%2Fes360.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%20ES360&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1541273096&gjid=990255115&cid=2119238327.1682115313&tid=UA-143166139-1&_gid=1763876683.1682115314&_r=1&gtm=457e34j0&jsscut=1&z=1185399336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://es360.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es360.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo-es360.png
es360.com.br/wp-content/uploads/2019/06/ 4 KB
5 KB 371ms
370ms Image
image/png 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2019/06/logo-es360.png
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4056b5e2cd355544edf9f7293abc3323de55b8c0deb0ff2a1e13638767f3dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2019 16:42:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d027cee-117b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxv1ChVDixH5KupQ5E6KCQjP1jK7a0V%2Bh1bKXt32glpaRIdDTSUR6j8GWk2iQ5Rf6wi6dvxTUjAUyW38iqbMKUdr%2FsVCHrbtPZqg7IUUJ9YziX7IWuCCgLciuw48Q8nVnnA2Xj2WIAgJVck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc059d3a30fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4475
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H3 200 Supermercado-1000x600.jpg
es360.com.br/wp-content/uploads/2021/07/ 87 KB
88 KB 30ms
29ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2021/07/Supermercado-1000x600.jpg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69217d8316a77e6b5df7d4c905c42ae08b518e6548efe4adb4a4557c56c9199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89087
last-modified: Fri, 16 Jul 2021 18:03:14 GMT
server: cloudflare
etag: "60f1c9e2-15bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJIXXERV7PvbR1DokFIswspjIkqxiGtWMyD%2FVBVMYLbOPpH%2FzofTFvZWsipBRXcrEA9uCFG3QomqGQ2280HqLVDgA%2B89LM%2BJRxLk9EiBTLP9v4wyfYzl5iGx4x3sINU2tYG0Yto5sDF9G5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc059d3d30fa-FRA
expires: Sun, 21 May 2023 02:50:11 GMT

GET
H3 200 Captura-de-Tela-2023-04-20-a%CC%80s-15.19.09-560x461.png
es360.com.br/wp-content/uploads/2023/04/ 421 KB
422 KB 535ms
535ms Image
image/png 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/Captura-de-Tela-2023-04-20-a%CC%80s-15.19.09-560x461.png
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3269faf8d1e2084fa30839ed00a109b071e79ad0724cdcca25d364d9f4d0727e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 18:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6441828e-693bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twXIITOYtnrnAb2fs14xilsb0s%2FU7lJsi3ckV%2ByUFYUnURMW4Kw3IZzZxRldziksEOf70upwLgU68Nld5jJ1xDsRhMctKAtk891bguVbCBSpY2fZ%2Fq3O9kKzmuNek%2FRyU08wa1aAvKsAjAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc059d3f30fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 431037
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H3 200 Grupo-7M-de-Cachoerinha-Cariacica.png
es360.com.br/wp-content/uploads/2023/04/ 1010 KB
1011 KB 560ms
559ms Image
image/png 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/Grupo-7M-de-Cachoerinha-Cariacica.png
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a916b15f73f9395ce0f41154c2da62ad7a26d1e6fac58294e6a75ef7dbf23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 16:30:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643ec5c0-fc91f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7pRebgPpv3fUKJoC8HEOK45Cik51tszHWIjwSTgUvwce0DcszbJu3h1ttDqCurhYMe7WEWoRj5zFSotzTd403juUBmGeibMMDANVqxmbDC4SSxIyzuCkG8RHMb5DSti8DLXU%2BSYkBP8ReY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc059d4030fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1034527
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 37ms
36ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2897
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bb8fc05b93b6910-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 22:15:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-143166139-1&cid=2119238327.1682115313&jid=1541273096&gjid=990255115&_gid=1763876683.1682115314&_u=YADAAUAAAAAAACAAI~&z=687333264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es360.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 22:15:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es360.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 85ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=es360.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
33ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=es360.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 KB
37 KB 439ms
438ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1331977944447861&correlator=482070834678050&eid=31074080&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=21840807013%2CES360v2_home_bb%2CES360v2_home_sb1%2CES360v2_home_rt1%2CES360v2_home_vt1%2CES360v2_home_sb2%2CES360v2_home_rt2%2CES360v2_home_vt2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=970x250%2C728x90%2C300x250%2C300x600%2C728x90%2C300x250%2C300x600&ifi=2&adks=3173121328%2C1106157183%2C194408809%2C1339586013%2C974130074%2C2271314835%2C213869498&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682115313613&lmt=1682115313&dlt=1682115313094&idt=463&adxs=315%2C436%2C1080%2C1080%2C436%2C1080%2C1080&adys=85%2C1613%2C2072%2C2400%2C4555%2C4679%2C6410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fes360.com.br%2F&frm=20&vis=1&psz=0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&msz=1600x0%7C1600x0%7C320x0%7C320x0%7C1600x0%7C320x0%7C320x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=2119238327.1682115313&ga_sid=1682115314&ga_hid=1832817214&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

672666feb142f350fe994925df87f7e2a8bcab62473baa38252ec7521b8c2145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38139
x-xss-protection: 0
google-lineitem-id: 6259781409,6261617518,6266793509,6270031329,6258597249,6259781409,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427794408,138427806531,138429199276,138429047226,138427578824,138428415697,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://es360.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B037 6 KB
3 KB 134ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:15:13 GMT
expires: Sat, 20 Apr 2024 22:15:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 98ms
30ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-143166139-1&cid=2119238327.1682115313&jid=1541273096&_u=YADAAUAAAAAAACAAI~&z=260939065

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-143166139-1&cid=2119238327.1682115313&jid=1541273096&_u=YADAAUAAAAAAACAAI~&z=260939065

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/e2777ce5-3ad8-428b-b55e-e142b7d55704/ 3 KB
2 KB 81ms
70ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/e2777ce5-3ad8-428b-b55e-e142b7d55704/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a07f37942849ffe468653f959c2c5eff570b2f67aa2b2353efd1dfd82ddd8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2f4ff7c9-57b7-432e-9d90-886b8f97f6c8
x-runtime: 0.025150
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7a07f37942849ffe468653f959c2c5ef"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7bb8fc066a206910-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 21 Apr 2023 23:15:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 93ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=es360.com.br&callback=_gfp_s_&client=ca-pub-2682241521928042

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2682241521928042&plah=es360.com.br&bust=31074011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2248db0068086bbb92bedb6fa2ad1f2dc1cf7c56b6ecba14a66ac5ba54ca5418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=es360.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=es360.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58A0 28 KB
11 KB 248ms
248ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2682241521928042&output=html&adk=1812271804&adf=3025194257&lmt=1682115313&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fes360.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682115313443&bpp=3&bdt=349&idt=280&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1577840248726&frm=20&pv=2&ga_vid=2119238327.1682115313&ga_sid=1682115314&ga_hid=1832817214&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074011%2C44782466&oid=2&pvsid=1331977944447861&tmod=1448930538&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f59b3b78e5d5773a33faa8a5d30271f0ac84b44aca0bf065217d10e5ccc16a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:15:13 GMT
expires: Fri, 21 Apr 2023 22:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0922F584-4758-4709-B4EB-B1DC4B48ABDF-1000x600.jpeg
es360.com.br/wp-content/uploads/2023/04/ 95 KB
95 KB 921ms
921ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/0922F584-4758-4709-B4EB-B1DC4B48ABDF-1000x600.jpeg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4410a85ed8242603383ec1d9b76af4341616ca16e0dec09f3b1b1230cbf30e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 20:56:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6441a701-17a45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL2E%2FJwVQKwjHIljsFYO6TH0ysr5gzdfKMsEl7WEFotOzRzxC4B46LWq5dkTAR5By%2F4NuqBAiS0FNGv1RqUu9rSlrpFz7Hwx9AxNhdR82sVhFVLiaco%2F6NCLyc923JRXMvcm2CmsRxtEtUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071edc30fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96837
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 Qui%CC%81ntuplos-Capixabas-400x240.png
es360.com.br/wp-content/uploads/2023/04/ 178 KB
179 KB 947ms
946ms Image
image/png 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/Qui%CC%81ntuplos-Capixabas-400x240.png
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd09f3ae549910bee7b2ae7a0dcd0660f8c5de170448ce2f85cd93fd6d6fa365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 20:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64419a69-2c855"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMrB%2F9jDFlPWRI0YLf2aa0dx6UwOc21cwz1miGmXxui2DRB%2FjvYsixiCzb1VbtGk4JXwljufN%2FaSJAJ10R5fC3Xgv25YXsjfcgOXT0Xme7ho7Xihzple%2BzRYJQuHd3BYlDurA3IVG0z41zo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071ee030fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182357
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 9AF1D709-F0E6-428D-8AF5-1373D6801616-400x240.jpeg
es360.com.br/wp-content/uploads/2023/04/ 10 KB
10 KB 365ms
364ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/9AF1D709-F0E6-428D-8AF5-1373D6801616-400x240.jpeg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328e8ec84f2ca5c61955d15ef7f4dd07a949ed03e7e1ff58bc9b877b22c1c1ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 19:06:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64418d2a-2633"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDJRGYLA62SdYRSH2WBrvyXV1o1DijQE4M3P3vlXhS5yxa4t3%2BL%2FQCRqjWozq1rynZBxsG8UDBgEeyxDUwEQdSQt5c8k%2FYJbHKBasixHo7B2RzqyKnLDIp4ygGK6q3YaCsnSBLSd2IN7D44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071ee430fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9779
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 happiness-824419_1920-300x200.jpg
es360.com.br/wp-content/uploads/2020/12/ 11 KB
11 KB 977ms
976ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2020/12/happiness-824419_1920-300x200.jpg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15be8d0d135fda1e2c31ce2f3c5843a81b3b4db44816e9246fa1d91298f6a47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Dec 2020 15:08:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5fc8ff7e-2bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aIP7l4wrn0tC9jju1gbuF1e8kYRDlhKb1vRzF%2F5yUMJXWDVFL9IeI0od%2Bz1AowgwYcm2wssrdxpRZw%2FzsyMiUwuOyAGBySoh9b79%2BlOo46ZLs0Yb12QZvjyYVt64a8qopAabfuoL4hJ8xM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071ee630fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11263
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 WhatsApp-Image-2023-04-19-at-13.36.53-80x80.jpeg
es360.com.br/wp-content/uploads/2023/04/ 2 KB
3 KB 992ms
991ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/WhatsApp-Image-2023-04-19-at-13.36.53-80x80.jpeg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51efad84fb3eab3cd338317629668302580abcdaed877a8525a83516a247b222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 16:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64401aa0-8fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xq1wEcZ0Krai8lGSkVwrp7z7K4tAhb4heL%2BxQdDuCPLqIALqvmShxmfPjlmsT5zkTcomtB1f2mg%2BBvZC94ph6uTMZo%2F8iusECb%2FFgjbCsydwr72Y0Fq9S7w8DMTfgN6dLtfUvgyXsa9%2F2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071ee730fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2298
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 rede-sem-fio-5g-futurista-toque-de-mao-de-robo-ai-no-icone-de-wi-fi-80x80.jpg
es360.com.br/wp-content/uploads/2023/04/ 2 KB
2 KB 369ms
369ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/rede-sem-fio-5g-futurista-toque-de-mao-de-robo-ai-no-icone-de-wi-fi-80x80.jpg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c324cff87e334e28fd5518756df6247770bafd4c93b044015727dea450d9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Apr 2023 18:25:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "642f0ea3-6b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVQScKS55pAc%2FJNWO3YEbva8i5%2BeavG1Oz8l3ICsv8LUum27n7K4ISHr%2Ba0LBPDWeX%2FLe4q%2FtXriXHA1wKmju8v%2BzPBvKbEVNz%2BNukyZzoDP4o3S3j3bABGVzl4VFOlD80nO%2FrPPpDSteC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071eea30fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1715
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 Armandinho-4-1-80x80.jpg
es360.com.br/wp-content/uploads/2023/04/ 3 KB
3 KB 998ms
997ms Image
image/jpeg 2606:4700:3035::6815:5c4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es360.com.br/wp-content/uploads/2023/04/Armandinho-4-1-80x80.jpg
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01bc61a8e40ed27487b58d74b77b265071033672e98b76ab414017466dec2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 03:56:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6427ab71-b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38WIChe3ioDzPOOwfg8BJOZBw%2F7m080ar4utVzxvmul4%2BVUAHzJoJIe37vAKeUwb5rpYKyeppsOCgmoo8FuR3nvdCzCBxvm1XIK7b5ePtzv2pK6AMWpiQ3C6qUdgXjxpiVQ5QS3r3QMUV9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8fc071eeb30fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2933
expires: Sun, 21 May 2023 22:15:14 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2897
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7bb8fc073ec20374-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 21 May 2023 22:15:13 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/e2777ce5-3ad8-428b-b55e-e142b7d55704/ 192 B
774 B 83ms
58ms Fetch
application/json 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/e2777ce5-3ad8-428b-b55e-e142b7d55704/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60905e46dbbfdecddcaae00372a25f09954b861c323d1db7898c5802c523ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cf518e9f-70de-4e1e-8c42-16956977456b
x-runtime: 0.009083
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f60905e46dbbfdecddcaae00372a25f0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7bb8fc07ae29383a-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 458e9d6c-4352-43ee-8183-a3a4732d5b34.png
img.onesignal.com/permanent/ 17 KB
17 KB 107ms
90ms Image
application/octet-stream 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/458e9d6c-4352-43ee-8183-a3a4732d5b34.png

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57b13317750303374adbb47a00f3561ff33b22287494417a041bbebe605bbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Fri, 21 Apr 2023 22:15:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtJNyjGfRwKo3ccKKyo9iSdHohT84dYjd0oKTgWrFjdYWBGVmO9IcDkUMrQoh9cX0tv9RlgybxST8KwHZtU-7NLyA
x-goog-meta-x-goog-source-etag: "fc78ee66cd191d13750773ed12163877"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16962
pragma: no-cache
last-modified: Tue, 14 Feb 2023 03:18:20 GMT
server: cloudflare
etag: "-CICAqdOGlP0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676344700846080
content-type: application/octet-stream
x-goog-hash: crc32c=Rf08XA==, md5=/HjuZs0ZHRN1B3PtEhY4dw==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 16962
accept-ranges: bytes
cf-ray: 7bb8fc082c2c6910-FRA
expires: Mon, 22 May 2023 22:15:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 150 KB
51 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/reactive_library_fy2021.js?bust=31074011

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73710b1fb1d9e424d71516b5078cc15fca91693afaa22b9a9a9de9350c9ecb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52056
x-xss-protection: 0
server: cafe
etag: 2301462223735513108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F938 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7h76YXdNoOEkUhiHcdMZ5mwhWTu5ry4590RcjnLjdWjmIfGhRpmWshiW5Uqk9THlD1s6Vil2il3L4AQ1H8khVvWd3QE66YDXwSoPNhv2tRE3ZqOMo1EgOHyCJHkJ0259N8ceovxuCvht3eaqhZnMa9u4clP_sBdRVvnERtE7dacDLBaWhasdx51plo-5AZtaowlaVLo27Ew-Or61jLCvO1yxOZcpUsbOkE1owpwEXHR0GBky8VrSStcmN064aIy9_cN14AfM1I3SKyUBjkGqXAFdJZqEr_QptQv4Ud3ZrUrY7nJDbbaQRl7bOzi1MIAF&sai=AMfl-YR0N8kwL1lGCPC5G7unpb7z6sYvetMKH_zweXdRHSjwjDjmTIyXxkbBnew6cFkn7xc0J_dJJnLpgi6C_1pmfs_05tVP-9jAkuls7MpxtVCUmOvuqe2KlvhZVbmPp8bErSYontVv61EUrzEtLOiy&sig=Cg0ArKJSzBPiPtpKFHexEAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame F938 21 KB
9 KB 329ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame F938 3 KB
1 KB 440ms
139ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F938 159 KB
49 KB 316ms
250ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 5322580738267246472
tpc.googlesyndication.com/simgad/ Frame F938 161 KB
162 KB 393ms
92ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5322580738267246472

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f127b617e4079ede976db4d343d3948b3bb7a2eb45bf7cff046edff5123d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:04:12 GMT
x-content-type-options: nosniff
age: 115862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164940
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 20:00:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 14:04:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E34 0
0 269ms
268ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2JoM_YO7PmrNufbLgeDciYwgjKT5SzV35w1DQG3VESnypKZnmOLU0zYt-H1DIsWnAB2qKdFfAC86a1dvQvIQcRa_bPjToZSQnB3ImAuSQbhzQ2bIPmtutxpVcb-2QsMtFiKgH4hynhP4iXf1Lqfo9YTZLiiw0JqFnQd5Zs3hICLWbABI8ZSIfvj0UvswrXctu_Jb9rzmqP7gMBuJTrwi7_QynhnKsNNYzmrajtcLtKD1lS7MKM9g0e3clDPI6c17PUlChCNqkFywoAw41DzhSgwoxarQirP-ILYCEqBa0cZJpQSiFnOcJ2AQiYlCm8VxC&sai=AMfl-YR2hShR8Di_9A2k4tyQN2XDpuGRaDFTeF5Q_gAzUCbJR1B3-9Z23v0MgvOWb5ffmXQ1dPazjkPnZpKnp-pATREinzpeVmlej_xlfE5o8_659yOOo3-sEvFBUcyqxsmoBNLTcLNoW5F4JdTCGD3O&sig=Cg0ArKJSzMaCca9Y2WrxEAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 0E34 21 KB
8 KB 318ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 0E34 3 KB
1 KB 415ms
138ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E34 159 KB
49 KB 390ms
348ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 9254804345357282901
tpc.googlesyndication.com/simgad/ Frame 0E34 23 KB
23 KB 420ms
142ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9254804345357282901

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a7fa317392b38fb902decbe4257ca3193c79d48a61adf31f0ed7a18f7b2118e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:02:51 GMT
x-content-type-options: nosniff
age: 90743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23350
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:22:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 21:02:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9247 0
0 262ms
261ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYzRkshy3K8x-Sej6KdcTnnc5HUGimxku-7Ep6ThX7krhpZgb0pdnUkarKnGv5gILXJHdshfuhaZp5XftXk8NtP1OpCsi8hQRI6_qFM3TGxzRLSzc6NvpwZu2o1ZHWSlecEtBxbWk89mQnnPKqKrtkAIpnfnU77n6pGJOFBEEiJFovNtpeKIkalhMorjkcnur2i2i3AVs1utJuQhMt16sFlzw0c36nIozy15RKNEkxsJ9Vtxr-2DiOU5fMtMrnBSZYMkQHkpIvV-O1zkKY7EI0rajHCk9o1ORCCB9ys0Nxvbt7feIKs5TaTPWuAkYcIgzt12Pvrg&sai=AMfl-YTkHK1Le4ytRUgWb5PPErkIIzr7Td3caPVRwFQUeibcD-NLIS6okbTXfbZB75CRnWUFb6E_qvu5z7dYNbx1hn3P-75XBuKMEK2HY8Yl8JCT44qNgg2VeLPh1VzTQZdY92pj8AQj00U-kytEK2Ry&sig=Cg0ArKJSzFJ_hD27qgf4EAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 9247 21 KB
8 KB 332ms
62ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 9247 3 KB
1 KB 141ms
139ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9247 159 KB
49 KB 386ms
351ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 1525158706898701903
tpc.googlesyndication.com/simgad/ Frame 9247 138 KB
138 KB 384ms
150ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1525158706898701903

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b832d7a4c084fe2e9228073668d6cc7506c47b736d563f23e56c8a059354e351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:02:29 GMT
x-content-type-options: nosniff
age: 90765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141036
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:36:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 21:02:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7AE 0
0 256ms
255ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJXRFJpmrZhiAE0MPh7sSHibayZkH-gUq_CmbPlZ-WpkFnFObu70z4ai7DgphfxbzSw7j_qknYpIIxqgK7ETKat1-seCuSu3pAQ8n_qI7czyitaA3Xpfqlkg8PkLj_1sRpgwleiwEJjPJgyWpSds8Sgg_T0REr2rka7ZtwfYMXtcXqR3CgtY_I5VLdmyPO3fzSxSDb1LR2Di_beaGWJUkrLPaZFtDCsJ9cPSi6GrY3xVAPOTFZEDq02DNvCteqx1rX3edwuC1kiiefTyjTDwYMMlIcjysm9AIdDflmtWXsusd_Nj8CTfRkoufm2pKSgXMZSg&sai=AMfl-YSJO5DsGD_WeEnrXHycYlYbcA1Ttd2bW1ep04thgqHCUIiRYexPdgbwTS5vDn3ZefaAKl_1KDTKP6_H3sEZH4PEMC5Fao2O5LbIFwjcwUo643xN5EGe2M0ar789Ly4HN1exRAvmW_F_zk0eS4tj&sig=Cg0ArKJSzP4W7gPUucenEAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame D7AE 21 KB
8 KB 332ms
71ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D7AE 3 KB
1 KB 141ms
139ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7AE 159 KB
49 KB 391ms
365ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 14140193373602347580
tpc.googlesyndication.com/simgad/ Frame D7AE 172 KB
172 KB 412ms
178ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14140193373602347580

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d1ae912dc5b2e19d2c6bee9bde61d6a9e637f642582304ace2c91ce8171b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176015
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:41:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Apr 2024 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8CD 0
0 249ms
248ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXrz5_-uXH0OE5bww0RfXs7n2XcJXEN7QQDXDEfdHXWyOFSlX3w6N4Rumf329eQeSdpJZgS7P2YyvT0uhlhe9fksYhXNSkR_9vLJJU66rigdx2y-g-j4saoURpJHLkFv7jadJUnUP6wlMMUqVZhNhVgkMJG-SXsLagBP21a9vLMrFRMCzcVgz0sM6Lt5dMkqNNIqwXWA_Z5KWbMLD8kBMsa5ts-rKoi69EdHeroll3YnLAw_3tN98xrwDUXI3TgJu8GaMGUUYvlhf4Oh6-vi90JvT4f33Vd8t25mq_7anF7yi4DHWkmZ9JsCZFVCr-7-8I&sai=AMfl-YTVCIana_Ej5kA8QRPBw0anGRweZaouuUwQUcHcBICJbqqRYGn3u2K6qNXbdDEFFlOBwvqTl-Uoopsbyxc4xjKaVD9UYjcYLA7E92Gx01sXpsEUmNGmHcO3sJBDtInYBHcDfbN-lvSbDpkWftFQ&sig=Cg0ArKJSzCopC_gLhp67EAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C8CD 21 KB
8 KB 335ms
82ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C8CD 3 KB
1 KB 142ms
140ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8CD 159 KB
49 KB 357ms
339ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 13706927651887677069
tpc.googlesyndication.com/simgad/ Frame C8CD 88 KB
88 KB 385ms
151ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13706927651887677069

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26724330408e55ffd4478561a663a3c913681a68abb6735c4f89316c89da8f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:02:52 GMT
x-content-type-options: nosniff
age: 90742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90004
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 21:48:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 21:02:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFE6 0
0 278ms
278ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5QNOa-E0YnWcpyfQgJeSuGd4wwY1yQqb-Q-rSfA1_z5cn-iJIxYqDW2Pa-9BCL7ICTvd4w78PQhactB5EMQPHoap-zBUGgZumUfw7CIv9Ek2Z97eHvzNZLn1QuJIsmEpX_WizEtQJ3_JV5Tp_ZjafyynLRS0eLJop4uW8S_etdptcRGBVi3Q0VBMNjXqCknv7n8ZlwWVbyQn3D1-Cl4eUY-kz0Y64uOlBRjbEEPA6u2pPZeQ-eL7HoTaymn7WYyw2587KiD2tPP7klaS1J_e88BFfLF3DhCx2PUOFsPk6t8rXHIXYv0RQSd_DGjZ9pkjcUnlQKA&sai=AMfl-YSKM2wLbV2oK3Vxo4yiycWkcLFKB3Dl5uFMsO-0rrKCT3uv5tSQWlHcGEjOoxw3klhcbIxaELMu9DQ561rRmEWToUr045jaEG8xh_QSlV2xD3qKr4mpLJQKJcdVWDeq8Eo_SvSSGSb7x_BJiEYp&sig=Cg0ArKJSzCDmDf9pqoLUEAE&uach_m=[UACH]&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame BFE6 21 KB
8 KB 332ms
87ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BFE6 3 KB
1 KB 142ms
140ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFE6 159 KB
49 KB 328ms
318ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 7073856349300329655
tpc.googlesyndication.com/simgad/ Frame BFE6 59 KB
59 KB 386ms
152ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7073856349300329655

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

469455ad8031f001a274005ce3ccf72c83aa3a1676a943eaf8ecc6c7dc42b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 17:00:01 GMT
x-content-type-options: nosniff
age: 191713
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60738
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 20:06:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Apr 2024 17:00:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame D0C5 222 KB
61 KB 309ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 11:33:31 GMT
age: 211303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Apr 2024 11:33:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D0C5 15 KB
5 KB 333ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 10:20:12 GMT
age: 129302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 10:20:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D0C5 94 KB
29 KB 289ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 01:31:13 GMT
age: 161041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 01:31:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D0C5 5 KB
2 KB 333ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 04:17:12 GMT
age: 151082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 04:17:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D0C5 40 KB
13 KB 334ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 05:09:58 GMT
age: 147916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 05:09:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D0C5 9 KB
1017 B 243ms
240ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:45:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D0C5 3 KB
3 KB 374ms
148ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:49:09 GMT
x-content-type-options: nosniff
server: cafe
age: 8765
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sat, 22 Apr 2023 19:49:09 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D0C5 344 B
466 B 373ms
148ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:13:18 GMT
x-content-type-options: nosniff
server: cafe
age: 39716
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 22 Apr 2023 11:13:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D0C5 0
0 275ms
274ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg4o38QpDZOLlKZ6K7_UP5OSykATQnMiFcKfer4GsEa-BuuPXAhABIJCZ3HdglYKAgKwHoAGP6OLCKcgBAakCjvxnRJlrsj7gAgCoAwHIAwqqBKQCT9A9UqIlXOhvT2_j4O97LFIPgP9Cgt-Hwf4BIHz5INLT1a9F23DfeGk5d7DbR5UZxN7awlETP-3pPww1BODeS3jZvpI-i3OaP3Cwhhoxqyx8b_kHXHIEnYhio1cPjQcOwoM3N-ybyw46ndvtYSVNml3OYCIx-rClFkwaycOPUFsEuvNQ8hKxH5Y9tqjHnhdpsCSHQcca9kL3gh8KWNeNkaTc7AwQuuI--YhqYqIs1cLeSH3SgTMNuIGoDAtKek2_3WHeIAVK8VOZ_-t5x-ArWEwDHPsx_GCc1fXH1P4KpYzTgDcVeYx1ZKd-b4NUqCwbxK4YcOMV7ePN8CuZ2ltGESmFWRnB2qMgHTlSkkPjmkhRQ75K6QxDV0CpSGF90XAh7hlNB8AEwtD-0ZUE4AQBkgUECAQYAZIFBAgFGASgBi6AB4-gs6IEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQkDXSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi0yNjgyMjQxNTIxOTI4MDQyGNracg&sigh=ZOxmaOrizw8&uach_m=[UACH]&cid=CAQSTABygQiD2MXeCFLHL7X8FQ9btrkoQPXuXn7Z5UhSUXNW4DIG2fBC5pIuS9e11JFlMe-XFNYKo6ewr36FkiSjbdd3tFGK-YTQ3vRdqS0YAQ&template_id=5021
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17753639285142045423/ Frame D0C5 2 KB
2 KB 375ms
149ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17753639285142045423/14763004658117789537?w=100&h=100

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d54aebe0d34ad13b6ff9faa8c2998e522dfa20020365aaf6c779e12c4af132d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:12:23 GMT
x-content-type-options: nosniff
age: 216171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2099
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 12:00:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Apr 2024 10:12:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4849668042042379108/ Frame D0C5 5 KB
5 KB 375ms
150ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4849668042042379108/14763004658117789537?w=400&h=209

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca338cdcc12a4780bc62305873810ff78d07fc9cc97c4e2f04b8134ae9d97155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 23:09:08 GMT
x-content-type-options: nosniff
age: 83166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5026
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 12:00:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 23:09:08 GMT

GET
DATA 200
OK truncated
/ Frame D0C5 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 294335e67ff1981d358faeb07786e65cd79e09fd5b4710f1d1812e0d05cee94e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D0C5 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D0C5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc7315db26520dd79c42707fe43e17b1806a69cbd952438c48aa21fb17a8bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 204ms
203ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=es360.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 205ms
205ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=es360.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame A894 10 KB
4 KB 195ms
195ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5ED0 624 B
242 B 65ms
63ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNX62-2TcgKygBlLqXT9piNmEKRL-CT8SbonHEmx3yT_mMWmar1dtRrD0irQKTuDlJQomR5wvxjHEsqgI9nrA1E6_U8dW1TTqhrPmT5XZ0EENM1NgOiIWAV3Mv7izy4_U8drviQ6C7YWaoHJvXrcB-StFiyS8Oq7nekQij5s5Vcl2_CjOPY

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:15:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3AFE 78 KB
27 KB 149ms
146ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3AFE 3 KB
1 KB 360ms
356ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3AFE 19 KB
8 KB 139ms
135ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AFE 159 KB
49 KB 122ms
118ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AFE 42 B
63 B 65ms
63ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKw6xhEiOj5uriltPdy3BxHWUDMgwoHdpN-QjHDL3ifPh6jhGyvFVXrNND8aP2gQp1TbgtH95HVsxaMpugp5xr9IpdhgzVNfD8AOEjwXrLV3vHzq4

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AFE 0
20 B 65ms
63ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7026147900333774061&x=1&ct=119

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame D0C5 29 KB
29 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:56:08 GMT
x-content-type-options: nosniff
age: 346746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Apr 2024 21:56:08 GMT

GET
DATA 200
OK truncated
/ Frame F938 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8704b7012c74102e4de6ef06f5451e5ae6e78b6a57d2990eb968f9d41ec0886

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E34 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1a965322ac47090a70b6dc7c27c9165c9e3f998708dc773f45ec0375558516b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9247 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e5c5d9b756fd56b389e2c83c7551c489eba64387434146ba45b549764fdb0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5ED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1

43 B
766 B

28ms
28ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNX62-2TcgKygBlLqXT9piNmEKRL-CT8SbonHEmx3yT_mMWmar1dtRrD0irQKTuDlJQomR5wvxjHEsqgI9nrA1E6_U8dW1TTqhrPmT5XZ0EENM1NgOiIWAV3Mv7izy4_U8drviQ6C7YWaoHJvXrcB-StFiyS8Oq7nekQij5s5Vcl2_CjOPY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5ED0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMK8lpm2qeGBfsqgRdepQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1

43 B
766 B

53ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNX62-2TcgKygBlLqXT9piNmEKRL-CT8SbonHEmx3yT_mMWmar1dtRrD0irQKTuDlJQomR5wvxjHEsqgI9nrA1E6_U8dW1TTqhrPmT5XZ0EENM1NgOiIWAV3Mv7izy4_U8drviQ6C7YWaoHJvXrcB-StFiyS8Oq7nekQij5s5Vcl2_CjOPY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkt0hM7IuvA4Hjvp29lQ0E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5ED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGr0zYWAwO-HBVlOpxL0Ysw&google_cver=1

43 B
1 KB

27ms
27ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGr0zYWAwO-HBVlOpxL0Ysw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNX62-2TcgKygBlLqXT9piNmEKRL-CT8SbonHEmx3yT_mMWmar1dtRrD0irQKTuDlJQomR5wvxjHEsqgI9nrA1E6_U8dW1TTqhrPmT5XZ0EENM1NgOiIWAV3Mv7izy4_U8drviQ6C7YWaoHJvXrcB-StFiyS8Oq7nekQij5s5Vcl2_CjOPY

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:14 GMT
AN-X-Request-Uuid: 65149e74-68c8-4a1c-aeec-d55232448aa7
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGr0zYWAwO-HBVlOpxL0Ysw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5ED0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyOTU2MDg5MDQ5OTA3MjE1Mg%3D%3D

170 B
409 B

93ms
38ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyOTU2MDg5MDQ5OTA3MjE1Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 22:15:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ffa86d16-a414-44f6-aa8c-ab7d63ee1369
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyOTU2MDg5MDQ5OTA3MjE1Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D7AE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87e03679ec1e4724b9a1ba57302db1e442214a966d1631e6fd871ca4a39fe43d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C8CD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a1a5929f789bfdb477a3c36f25723c2006ae5b8306bfa02caae7c4348afc7da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BFE6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a90592de6632dd235b7e2a658e580608358ee2c53af6142b7534fa9e40439be3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E34 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF4uSBYRjqXtyZESSjK99zPMTkNNHQr3xTh5EFd1CrrDZT5a45sg6zmWniAlr0AAoBTTp6RQwu_Az9FXYOtSczm0zI8MbPNQ6N4QXnbJexXeasXc27-AHlaRmxRgsRnTk8UnQG7y4aq2eSfPNA8QN8RqLd2uDPtBtMyfk3hvVz81jbze3Ek9k3_06_kFDV9R1pc2Kkn7aC33cCpAAqHfrDQWxsCZON5IcGg0OssAjt4lH68tDU3pBMAsxDOuZVdVFRHx1AqhmVCLH9E8LFWK10tFbn9t4mtaI8Y7tHY38PdWBrJxLkodnGIxLRy4owaVGRxD8&sai=AMfl-YQmPg6nHnxyBtvZmvbFSfs_mYZ_fJWA29wkmEoDkIZzWhqeqic98Q0uBowe7yfggCdjJFFH76e2TiyLxqbzHDA5PzBCV0JSRQueuLuUBH9-1LRnPWNwoUWGqazqvHd-1AjYL-OfLUwt5AqnBmzh&sig=Cg0ArKJSzLTJDE2EmoIjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F938 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBfCX_lZAUm_l63O6_GCUjU22aqo2XsUW0eIuegoG9tq_GEHHtpfqknr79z3m0l-_gxSsdRYQtEgYZoMH2sqZsO4wQ6vj1bTVOCZCDkYD26T1lI8SAAiwSTtJ3P1gmLRyrXd5WkDrHDsYq-MRve6lkvdsee5ZcyfaoOs4EJLiYV1hhM89FzGhYpvljdcuWMz0pJbPipmXV-hy1DVUcLclucNKu1S7ie6j53sBwfKtVnQpmxxff-ZEP8S3_OJJJPqtLvkQ1G4b5k8EsBPp6DDic4f8hSJotbsOx7iaEh_L28q-18KMhqFz7wud51gDtnPbuR9s&sai=AMfl-YQxWkNuHC2QQn2RAD4gfHQl-NCouU7Roqt0-I7_Tkt28pQQvCltAywWybXABnASqXwvhCDbbveXcR9DvZ_lIuvuktFpngm2MIzluIODh4rTjpjL3K-00quEToOSX2ObVlsYMSO3870vap9_3vCB&sig=Cg0ArKJSzNPRjvcrNFjJEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9247 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuAaILygQE6u0zGPD8T0Y7GW3dwIx55XABbf_2nr4K-IVc8cGY_MwipFFhWIK-Lmz9z2mkr6NQ2AjK5BTL2vPEM5I9hX1eE3E-wboYYtKjO_HzGSmNzLpCFYHEYU7oJnx0BXeazxfeVv7VWdF5BKLFGuXphpfaTYQDuWPB0BqxHtIBKT88KIROqibwG55E8W3yKBtNTHZ-MhyhOWJf4-TLogISHXVUESR6sO5rS74lO0OcQLGqs68kbkhR7IGe2YZ7ZrMq-tCmgjf1qwDYzHz_8LE_-3mxX_wdhAONnicgzasuNHsMgCmhTvi6vO-Wb6sdoFVebFSu&sai=AMfl-YR2E9lWRR1umKux7UeLQUHKGZEY6jB0yRW2QyaYs3bB7dxpvebz1tvh3VIFHYnB368gLjLVrL5VaKUt9lBwvZZgxUMS5lWVA53Y8v1nGxPxHZ68GNxbwfbBwdOlQxCrua1jNBrlMhBgqWieCeQx&sig=Cg0ArKJSzDmZePWyDXk_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7AE 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVflvo4bwY8hozRCB8ZooRME0-In9aS5ck6s29BBE6esTeAmeY8Q9olZSRvmm22spDapoaOfPIg8eZM6W264wPdgd41D68CyLNcWx6eWlrPoOxUFQxTX6lqhiD-LnfVSPrJMcMS6lheHefGNPnnAwmlkjEfNjrKeaIfXjT4dmrUcae4YhKXaJuaWQ0xKB8AV_rStvJRf4FavCuhfElW-ticvKNnDVLWvwEYV_UTRF4hsbu2I2NZgZIr9fQUWUGQYgzyGmwV3xLGWZgKBBjoY2qo9ArKPjD9f4UaDUjTEliaqTrKd4SwN-4P3sY-s7nOxxw0r2y&sai=AMfl-YRd9s9mQRu73mTUmQrESbKVx0LyfDuQ57rrrnyTcU0ME32vsIbKSsxS6DOHyXODRvVlyUhxnF6OZ6W-gS9xFuKEZ1jri_EoVGmLHXIN8A8EPFm3syKFQXdpTb03IhmTdSi7Hmvua26pNo4U882X&sig=Cg0ArKJSzDQGDnuZHWxkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8CD 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDoD5xrFWTENasu4vD0ho6F-hg4vZbHkhGxOXGBSeD2uYzN3RpPJdMkQnpnCiXZDPzo9siDSfAjlF4VLEaf7tFxg5hfRj4FB_YPQTdQOBYd8Wa95aqS1lk2vqEcUtEaXW2RQTjgcp1mgQfgYPupn1qV7Zf3o1S_HkvObspwLrMi-I3l4p7E0G_bgmQ_bdW2QWDyND-yT09_e8ETSiUzKLxbc_BgCZUyu5BDghDQuryyKrhbn98cAphiHlHrLRa95SOF8_nrPAwXxluWNRHBtBdhOvhEcn1AHG2titH2of76HytaEQIxlmwk1Dma5dMs1qIZjY&sai=AMfl-YSTMc27bbo4vXVnS0PlSRowDw2yMWiYtSoaeoqO3rKe0g2kRL6Jh43hgzKAjhrPLVY2Pw8Sxe6RjRpkSHVjfDTLRUIjX7OQGKo2Wa6y9RtlYLKEcTPytQ5PghVrqsfSQVjtYe9GC-SHHUxSuIqP&sig=Cg0ArKJSzNEs3MnamI7aEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFE6 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswgcLSCmFpkgXVJegPRu8wik9eBaV3v6VNqoSTHZUp-da42A7N_MDSrkPwz3I-KTr4aYqT6dat7jkX1zBpZw2aaGHv3tB3YxAHptjIH26XXcos4CpTUIXsOiwhSsvtAuqIQ9iiRG28OF1L68iWRKYI0TLSlAlrc_m2B84xyRWMkK2qTSetHL8ffCh54cLEkKRAPqAZ-lP9FaMq_Rmek9YitCeypf35dsOCoKBz3DmfJpJeuOSgaCqNzodY8kGXKX3aWtrAWYpFs58w1c07zoaWWYHnY-PB3qiEdywkNRPgNn6VJlLw0mSterJ8BMP17gIn9Hcr6EPB&sai=AMfl-YRMLxHdtiipIhthlYFQPCBtb2lyBLyk3XzgxRS1N-Ph3PjFJbLZOnHU0L4WGIBdFx1St0GTy1xFcBP0CvK1h78pqvt3Us417hV4hhMSbTqwKBNt-__dVsv99QYaF5NfCUlKu0i79DzkW_qPXS1E&sig=Cg0ArKJSzNVLY4qN8zfzEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:14 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AFE 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5517291344368&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AFE 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5517291344368&version=m202301230201&ct=119&x=1&cor=7026147900333774000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3AFE 82 KB
35 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTO6XJHFmgoSh-QglA-JV7vzCRh1wSnvflre7VIVS8QuIHuStUq_XMtb1sFfIyk3uBxVJkvlhvVkcA9t7j7jA4EmFOluTf3gNv6EXMztslJ4LPDG1ADMClFRkwcN5rOYPEGY9bEid6h5XcIi2srlayHI1krxppLUzF3_WUmcMNCEq4Dn8&cry=1&dbm_d=AKAmf-D83pVaz7f7loyPYWsW1LbmLdPJyWubTC7RsmcrujhwRZo9-J7XTIrM5f2z92jG7mOXUQyTApQ5bZKGlDhrbsDoqGbp19SCgqrZDJgKscgaV846_sWm4y-UEEzpgOvx9ASnzRmjnVe6CIz8RnpeOC_llevqv0LI_CEtJsCt0zaF-_RV4PE4r4Fy9EDlFdTkWR87I_A1LoJZhuVW9cB33KYwtEPmMPvZhySHMYJVRT2bvxSmWw3scmG6vHpcINI4VGh2R8G906k2xxY2tKfqRgYwwS7UlvAUz9VVGVMC6qxAnH9020vM8rYLE4MB-07Merob2oG4nj-P-edhG6y_4GQcKJgq2ZfnS_NAWuJcFhGqRQt15ljgjzXvEdw9iG7BPUm3UxwiSpeKiLCliCl4uxu9XC-fS1ykCoG6yoNrEj6F3Wt6Pu_BV_KMcNEe73OnwoMvUct4bqQcS-aaRWl86ioFXi_BWtlSpvtokhWAJ8vpTGJ02nB0tCvN99lROw8zGoSy-AFjP9gpstXw5PEdiLPJTJfS-66C89mFe3SZHEBEg_A8wBT9Hic4GV4Dk9QxDOuUWQmbBtzhWK3BluUYehd-vIieWEsaTk9iI32Aobk-0EMA5NLx8DDF9oeq91s3GI7uNxuQFRFGsbLbtdyUosyT_Od41EfV2wuoI6MdHNrd1CyIuzgQQBQJSWhzTkD6-8GqsI5s-7sVaNi38SzJ56jI7gitl5zvUyrkpbdPZpAWbs1PBwWtgztHjgoZod-FbcO8nUAgLKhtdgUJVhh__brn4a83O_x1FT2e8FWGlI7n3yn7-3BG-2K9EsZTowVcxyh7Lm9gBMcbBAsJPHZ41plFCpZDx-y52kMz0iGrcKRHrpPjEKzvGdMd_XVmaR4FqVUtp_6Wk7aOd8McWSv5I0mI1U7FestOPXGmfeGOi349kpYJMej5zecwgTFzhpnVXViMrRC469mDM03r7IRHjLW9UKTKUyc_T9Wxu96a_QO9oIUCezXaPyTT0K47nKvO9ZUQtiToelvxn3UqSTYmWr7PHVZmOG4QbAZv1K5vsM3GPBXsEJkjqNqIawimYqp5nJkTLYf5jI1iZ9EJ5FkSWl3xu2-uI56jPLAOiBx45EHN0-joP5kMQcytQ7u_tlGt8tTFurQqzQmCvpX29oeVfPYmcw5OYy8niMKxJzVrwficLhdy6sge9fcoqxR4I9qo_OkmBivWFjnbhO5HUVtXyAw94fBQVF4YKSL6UUuvvOpv1mtAY87_daw4dY5FWRfiaeX3hNnnYXKflHtYPayusi8tYl0rgTKqYilr122hQyieILnaf_LeEVTSYlwISBH5N5QnillpeSVubJomQit1L0j9I1dQUmNDkCfuZN3daugOX6WFwSDa1XLp1q6qy1rWIahxffycWmRUK6JHd0WT4yVNHHGwMQ10ScxzJdDpXDfEHWzR0dSJHrgoUhPnOyMuTg7rowGKmirHicv3kg06deAnEJZbcZDe32c0CUq2iXPoz9s-Phs4LUieBEKMptlgneEZqZL47lnsdN2Hrlg6pwlrEYp4ur39VhkbNoIoxFS0kOsokl88s_6LHPU0LbrjBkrIdY1Ga3xxncpd-wZHdWTdgFfMsLAKP308TbUXB7XzSZdz3O3SgcnQhXRaUJnWWJOL64-KzczjKYT-4-UQBKNsEIzJWTE60UC4dZL0t18B8KamFu0fiuaVpxIAHI17CIwhbkG4gu76VrHLiZ4C8Tno-tpmCu1DEy4ZwDZCk8WBMFL-OrELJb8EkjkE7O5CU5r3LlJfl9jGhOhzYLpTzh8ozTP9RMHTKRtQXiYZDjbk0FOWFNCLvTxxq18LN-kwdP0fHBi_Vfw0HPzD1Q5CVo_igQICKEcZO6uV0lOfX5kb3RkHna4e5kY3_P3oMUFMg6-9BW6asNMbdVdOtAl6XUSFw6cNtWx0b2Nj1daEoEMncqs0zFzKUpYMQTwdePpzNhqIIbaVS8ir1ZDqe4-7tTFz0o7caVaKUP49Y7QTF7QyPSQ_QGvv14ihBbVhTZmdiQjOktKFXWF_dKkOw7OCQbeNAugaYtlRr7D8-57VWEGTAO9UsJ3R_Mt97qMXBp7ILnwwLy9hJJZewzz5tQCBqVvOC_bqkAaZUlew2DxrJiN533WI4d2UPuVn1XKf1_kyrCLqCL8aaz9D_319UO3p5qFReebvPesXWOAQPCy5F4sb5gOyVAMYAP4q5blEJtjTCNW-H4JbmyQQBtfagusAeexhtkLsQvbOYrl5gF5NrGlGTTf3bPQUWHU2Ah1mG0acKn5uBr3lkoeOJcFMY-x_-lAFzZrhZu-Xf6qG4FiBSfNaU6_d5uPdtTWnoMZm5dZetsiesUfHUl0piHo1IGTf5Qqkt--mg2zUFlJkcEsZvTTnLaHpSPMcl5bK5-ZQb0edEk4rXN3wuio_lQBAjAYPS5G4PkSwXZ9ZaZwHUtVUJZm6HFcWcZQV3PpoKb96PWsKNoCfyWrkty95H1G3PSiF3lzdUf1VXMO3Pp7cS7R-s9hjvY6twhQC2S4BuJ6t0zXQCs--m8Nwhs1vs6mSVkfiqlD_c6YW8Fq9U-guF8x2ZLtn6zA3aJvU4yVbGKHfq3Mx9XJ7yptadX959G4POncHq9t1waZP2P8I8DrMQalj7oh8708LxqLbdAq0bDbYhP5ll8ONzdtEMDyBcBRSzjnv2h18KuOTcKCxddzfZH-N2DfBfoP2pXLtNcTwTSATTQ4p6BozhBNs16Ws_yOxoOm8-Ju15DChUlGSdxu5WGlPea35r3rH_b_sN1bULob8_kyy7pFJPDJc4JvvS0IjNlLl2UE9dnh9zP4gUJ5ZGMy8SJ35CMuDYxQ3fiQ8UFGXpQ7W7wg2DWkg9wZUR64xYvlwaEL5zN-GMW1ZmqyjQgRh2SBehecPojNrRBxh2zwlLG5HumYiTo5pwuhbP5KbUcPSjNMIYO4FfLraP1sHeU3QnINGtbVh8MHozhTnr57FP6EbgqdMZZVRiglY5hWQ0fyELDw9svXTnz7d4PdBJvOxhqlys6wdzCDzv318COhSc8U3i37Dx83DI1rp-9IDKY6f0K10zs5NZOL7KRnlPC54Bxyy-dlvCJaeAVP9XGKF2nS19YHUipt8xY-CkA06rbZzURw9X7IK4Zf8EtAHz2sOprtfuukN_yItekTI6HoRJ3Pm_vT594jdsk6CvAsNDYjMAbk0WufxD1kFMyEUvIawRd4P2lC0gV-ALUuksTKL8pxgBfQHlC3c-TCWPmNeNNcFu4CH2hjUxJRzJX3HzptE2GztRMl4nxFvHBLZJ0fB8KH0uQGslztSlb6Vuf7z6Z2BKn-iywMiJv3rpzIpyiw-q4vc1ykKUS8X_66DMylMtcqfkfpDAEhLn71oKbsxKRvguOA_ASFhDd5DEPoXrrGhm13X6_ufWrLiVcIkThCYrncOQjAE9khL3tGNb9yZA66u7SoBci0EprUzdcjM8gMbagEXXuxjVIeVxvAqInyAdDz_nwJsFrDpxdP2liLsZcf6CBibUpPmARXZ3SJW9Z0Q0mpgebMXxoQI5oMP3Fd1vC4Y1wjSa136AM6DEYfdseFXs8sc8cKJyA&cid=CAQSGwBygQiDYBO27wNObNlH0KzvdN8PBw9a2F4-lRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fes360.com.br%2F&ds=l&xdt=1&iif=1&cor=7026147900333774000&adk=3062569608&idt=240&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37077fb825402cfe9eb8fc923cd1be3631875233838ffdcb40128edf8d715da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35531
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3AFE 106 KB
37 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 3AFE 11 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTO6XJHFmgoSh-QglA-JV7vzCRh1wSnvflre7VIVS8QuIHuStUq_XMtb1sFfIyk3uBxVJkvlhvVkcA9t7j7jA4EmFOluTf3gNv6EXMztslJ4LPDG1ADMClFRkwcN5rOYPEGY9bEid6h5XcIi2srlayHI1krxppLUzF3_WUmcMNCEq4Dn8&cry=1&dbm_d=AKAmf-D83pVaz7f7loyPYWsW1LbmLdPJyWubTC7RsmcrujhwRZo9-J7XTIrM5f2z92jG7mOXUQyTApQ5bZKGlDhrbsDoqGbp19SCgqrZDJgKscgaV846_sWm4y-UEEzpgOvx9ASnzRmjnVe6CIz8RnpeOC_llevqv0LI_CEtJsCt0zaF-_RV4PE4r4Fy9EDlFdTkWR87I_A1LoJZhuVW9cB33KYwtEPmMPvZhySHMYJVRT2bvxSmWw3scmG6vHpcINI4VGh2R8G906k2xxY2tKfqRgYwwS7UlvAUz9VVGVMC6qxAnH9020vM8rYLE4MB-07Merob2oG4nj-P-edhG6y_4GQcKJgq2ZfnS_NAWuJcFhGqRQt15ljgjzXvEdw9iG7BPUm3UxwiSpeKiLCliCl4uxu9XC-fS1ykCoG6yoNrEj6F3Wt6Pu_BV_KMcNEe73OnwoMvUct4bqQcS-aaRWl86ioFXi_BWtlSpvtokhWAJ8vpTGJ02nB0tCvN99lROw8zGoSy-AFjP9gpstXw5PEdiLPJTJfS-66C89mFe3SZHEBEg_A8wBT9Hic4GV4Dk9QxDOuUWQmbBtzhWK3BluUYehd-vIieWEsaTk9iI32Aobk-0EMA5NLx8DDF9oeq91s3GI7uNxuQFRFGsbLbtdyUosyT_Od41EfV2wuoI6MdHNrd1CyIuzgQQBQJSWhzTkD6-8GqsI5s-7sVaNi38SzJ56jI7gitl5zvUyrkpbdPZpAWbs1PBwWtgztHjgoZod-FbcO8nUAgLKhtdgUJVhh__brn4a83O_x1FT2e8FWGlI7n3yn7-3BG-2K9EsZTowVcxyh7Lm9gBMcbBAsJPHZ41plFCpZDx-y52kMz0iGrcKRHrpPjEKzvGdMd_XVmaR4FqVUtp_6Wk7aOd8McWSv5I0mI1U7FestOPXGmfeGOi349kpYJMej5zecwgTFzhpnVXViMrRC469mDM03r7IRHjLW9UKTKUyc_T9Wxu96a_QO9oIUCezXaPyTT0K47nKvO9ZUQtiToelvxn3UqSTYmWr7PHVZmOG4QbAZv1K5vsM3GPBXsEJkjqNqIawimYqp5nJkTLYf5jI1iZ9EJ5FkSWl3xu2-uI56jPLAOiBx45EHN0-joP5kMQcytQ7u_tlGt8tTFurQqzQmCvpX29oeVfPYmcw5OYy8niMKxJzVrwficLhdy6sge9fcoqxR4I9qo_OkmBivWFjnbhO5HUVtXyAw94fBQVF4YKSL6UUuvvOpv1mtAY87_daw4dY5FWRfiaeX3hNnnYXKflHtYPayusi8tYl0rgTKqYilr122hQyieILnaf_LeEVTSYlwISBH5N5QnillpeSVubJomQit1L0j9I1dQUmNDkCfuZN3daugOX6WFwSDa1XLp1q6qy1rWIahxffycWmRUK6JHd0WT4yVNHHGwMQ10ScxzJdDpXDfEHWzR0dSJHrgoUhPnOyMuTg7rowGKmirHicv3kg06deAnEJZbcZDe32c0CUq2iXPoz9s-Phs4LUieBEKMptlgneEZqZL47lnsdN2Hrlg6pwlrEYp4ur39VhkbNoIoxFS0kOsokl88s_6LHPU0LbrjBkrIdY1Ga3xxncpd-wZHdWTdgFfMsLAKP308TbUXB7XzSZdz3O3SgcnQhXRaUJnWWJOL64-KzczjKYT-4-UQBKNsEIzJWTE60UC4dZL0t18B8KamFu0fiuaVpxIAHI17CIwhbkG4gu76VrHLiZ4C8Tno-tpmCu1DEy4ZwDZCk8WBMFL-OrELJb8EkjkE7O5CU5r3LlJfl9jGhOhzYLpTzh8ozTP9RMHTKRtQXiYZDjbk0FOWFNCLvTxxq18LN-kwdP0fHBi_Vfw0HPzD1Q5CVo_igQICKEcZO6uV0lOfX5kb3RkHna4e5kY3_P3oMUFMg6-9BW6asNMbdVdOtAl6XUSFw6cNtWx0b2Nj1daEoEMncqs0zFzKUpYMQTwdePpzNhqIIbaVS8ir1ZDqe4-7tTFz0o7caVaKUP49Y7QTF7QyPSQ_QGvv14ihBbVhTZmdiQjOktKFXWF_dKkOw7OCQbeNAugaYtlRr7D8-57VWEGTAO9UsJ3R_Mt97qMXBp7ILnwwLy9hJJZewzz5tQCBqVvOC_bqkAaZUlew2DxrJiN533WI4d2UPuVn1XKf1_kyrCLqCL8aaz9D_319UO3p5qFReebvPesXWOAQPCy5F4sb5gOyVAMYAP4q5blEJtjTCNW-H4JbmyQQBtfagusAeexhtkLsQvbOYrl5gF5NrGlGTTf3bPQUWHU2Ah1mG0acKn5uBr3lkoeOJcFMY-x_-lAFzZrhZu-Xf6qG4FiBSfNaU6_d5uPdtTWnoMZm5dZetsiesUfHUl0piHo1IGTf5Qqkt--mg2zUFlJkcEsZvTTnLaHpSPMcl5bK5-ZQb0edEk4rXN3wuio_lQBAjAYPS5G4PkSwXZ9ZaZwHUtVUJZm6HFcWcZQV3PpoKb96PWsKNoCfyWrkty95H1G3PSiF3lzdUf1VXMO3Pp7cS7R-s9hjvY6twhQC2S4BuJ6t0zXQCs--m8Nwhs1vs6mSVkfiqlD_c6YW8Fq9U-guF8x2ZLtn6zA3aJvU4yVbGKHfq3Mx9XJ7yptadX959G4POncHq9t1waZP2P8I8DrMQalj7oh8708LxqLbdAq0bDbYhP5ll8ONzdtEMDyBcBRSzjnv2h18KuOTcKCxddzfZH-N2DfBfoP2pXLtNcTwTSATTQ4p6BozhBNs16Ws_yOxoOm8-Ju15DChUlGSdxu5WGlPea35r3rH_b_sN1bULob8_kyy7pFJPDJc4JvvS0IjNlLl2UE9dnh9zP4gUJ5ZGMy8SJ35CMuDYxQ3fiQ8UFGXpQ7W7wg2DWkg9wZUR64xYvlwaEL5zN-GMW1ZmqyjQgRh2SBehecPojNrRBxh2zwlLG5HumYiTo5pwuhbP5KbUcPSjNMIYO4FfLraP1sHeU3QnINGtbVh8MHozhTnr57FP6EbgqdMZZVRiglY5hWQ0fyELDw9svXTnz7d4PdBJvOxhqlys6wdzCDzv318COhSc8U3i37Dx83DI1rp-9IDKY6f0K10zs5NZOL7KRnlPC54Bxyy-dlvCJaeAVP9XGKF2nS19YHUipt8xY-CkA06rbZzURw9X7IK4Zf8EtAHz2sOprtfuukN_yItekTI6HoRJ3Pm_vT594jdsk6CvAsNDYjMAbk0WufxD1kFMyEUvIawRd4P2lC0gV-ALUuksTKL8pxgBfQHlC3c-TCWPmNeNNcFu4CH2hjUxJRzJX3HzptE2GztRMl4nxFvHBLZJ0fB8KH0uQGslztSlb6Vuf7z6Z2BKn-iywMiJv3rpzIpyiw-q4vc1ykKUS8X_66DMylMtcqfkfpDAEhLn71oKbsxKRvguOA_ASFhDd5DEPoXrrGhm13X6_ufWrLiVcIkThCYrncOQjAE9khL3tGNb9yZA66u7SoBci0EprUzdcjM8gMbagEXXuxjVIeVxvAqInyAdDz_nwJsFrDpxdP2liLsZcf6CBibUpPmARXZ3SJW9Z0Q0mpgebMXxoQI5oMP3Fd1vC4Y1wjSa136AM6DEYfdseFXs8sc8cKJyA&cid=CAQSGwBygQiDYBO27wNObNlH0KzvdN8PBw9a2F4-lRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fes360.com.br%2F&ds=l&xdt=1&iif=1&cor=7026147900333774000&adk=3062569608&idt=240&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 3AFE 28 KB
11 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AFE 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
DATA 200
OK truncated
/ Frame 3AFE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95ed5bc1a6dbfa54d5f29690c65b0ba7402a3c67d2915c9431ba581896f79d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C0AF 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 216295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aulus-728x90-DE.html Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 2CCE 6 KB
2 KB 66ms
20ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 216520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2378
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:06:34 GMT
expires: Thu, 18 Apr 2024 10:06:34 GMT
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AFE 0
0 136ms
66ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8c4THMxKn9hEX17hT227693J_3M44dpSw6tFdR61Z-r9rCaWMZn5BDZKye0YogKfA2RMEGqHV1s6OuEyUbbm8un5P8ahXLKbCg4mh6U5oJ8-T0gqeIRRg4leC9lAc7E2g2E8DYVOzcs6hos--OTH1VXwhL5C9ck1cHDJp3nPjWIfrs_uGdPyUYx8NNFLtXSq6IeaeqG_rle8IEm2Xaq5kx3qa1kYJLYZWocXmGYDx__pXYfeaBw7XvdeGtrP4lg5gw2HhtUnZscdjQfbEuLOtj6GlCtkBJx1b7VO1yDsavhXxJgClX3NAh0sbtK3sVGsmnSkkNj2EK9zA39OQ1Bn6aBpIsLsf9-jB81wa0qY4kiHIKNTQ69-7PiDPuDHJSo0OPl-QfkIpzNwmJ6pErTh61E3NFb3dQmwB-JBizZcaWE4-4cBiFu_uTmHZAn2cazRk9i_SxmZqruBmxJpa2Ulc27vkiuMgaAO94VVfQo3htu9-1BD78mtPO0zmucLdVoqRzu6H0OzGQhTqPEwYtgZMW8K99oeqdti7pPP-2Ek3EutHN8V7ZcZ5XRviCPjOf-vQ6OxOlRhJruziVWG1BHtfexKSH0GdSO31OCjid-K9J3ZvfdzrSFpXcrBFYmd3kHX1SjM5_ISEFp6C1Ceb4hMC6c0eef9oxV-R7STJzAjF-7JYeG0uCuBLbHXnWRTtniNwd1TgSdPqdhi7J0oNLl3mjblPFdUQ9ZO-ru2mlu_xyeOP1GT_2Iz28xbo1HYUhwmU7SzhwsTYMMxXns0cm4DYoTjkpbThOMmhL96seL0AUK2ifUtokWs8Qt-TOcyZFk-9ANxSO8PDn7xjn61FqdRvv1Nn4KX0xOB9MymhB2lJ1bgWwplMBghcfltVgI5TESwgREoxxQBpMP0LSflNnkIouvbu5ukSOxlewydFG_9c1LPs6ZvXpvJH19PxM59gZHcLSvhZ0F4GUXLxwl9U4cRebfZpNApZT0Kr3HfWA_Tsaf51siCr-aC05QQ5BdmccsOtrAiITijLOeoBB7nr2qBwgRaMFD2Fewk7jRdPUPxrTNWLrYLhhg_OoLe1ZToTspylx95SBtq0Mbj-du1LchKF5DaqWJuJxdp6Jgbt10EDq6TufC-fpx72k3hbhDFPqkcYy3MqOORapFT7M6FVR9jycU2C8cYz7ifEri8JUqKooO4uJRIy6QAfH5seNgmHsftHtD4ndjewPDvH5_J6hoAjZyZ_5Qg&sai=AMfl-YRrjqEM-ZoDT-CFbXtz4fhd0LIEE7sDtXPuqDebmhz3_1i-fJc7aBiBewSQHzgdLYh3md2S-lW74JXZSt_hb7v-sy6faY4Bd1LXwVNaKnO9h-vym3paQkzAN8UQ8KHoSZ_FoEcbxDFLv2NVJ7awixNxV2FEZDaKOwKDqkAPSq881tsWiV4&sig=Cg0ArKJSzGiWRp7RtSkMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=118&cisv=r20230418.80555&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:15:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame C0AF 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2CCE 236 KB
63 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H3 200 aulus-728x90-DE.js Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 2CCE 142 KB
14 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 04:05:20 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ Frame 42A2 287 KB
72 KB 675ms
269ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=clgmlk
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 18a646b56a03e1ee71410e1654bf367c7228618409f6205d9537e33423ce11e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:15:49 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 3566
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 73022
last-modified: Thu, 23 Mar 2023 16:18:10 GMT
server: marrakesh 1.16.6
etag: ea890f1ba9babe075f267a92b800ef63
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: dNKZKiBFEZu5rkJeS9y3217zWMAbM7hZ16LIAfzv-LW3-L0ePdfWlA==
expires: Fri, 21 Apr 2023 22:15:49 GMT

GET
H2 200 band.js Show response
me.jsuol.com.br/aud/ Frame 42A2 21 KB
9 KB 677ms
277ms Script
application/javascript 2600:9000:2127:a00:1:aa11:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/band.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:a00:1:aa11:940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 71b81a7312167d605b3350faf8ac81cc97ca63130e23e611504f2e997e4a3683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:07:47 GMT
content-encoding: gzip
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 448
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8126
last-modified: Thu, 10 Nov 2022 17:54:19 GMT
server: marrakesh 1.16.6
etag: 37e95bc36f738bdd7354472db9572c20
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: xxCHRrfkmkekMV-NtAkwdIrINArCknivwtepPPRMN928NbznTFGyLw==
expires: Fri, 21 Apr 2023 23:07:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 42A2 116 KB
45 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38938851-1

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c074a973f140b79ec02fc19956622488fa9c4e088ad57a348e837f9f2365e08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ Frame 42A2 277 KB
71 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19edb39fafced74139e21e8bb2ecbd792611ffcbeaa8875920bf0905c0deacc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72846
x-xss-protection: 0
server: sffe
etag: "51121eee2eb710b4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H2 200 styles.30f20542e2f548b2.css
www.band.uol.com.br/ Frame 42A2 76 KB
18 KB 213ms
213ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 5b984406083732916698df19b0a9907473d598f5f1659d86c8cc00a46411a427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 4409
etag: W/"1301a-187a119b41b"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 18454

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 42A2 213 KB
69 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBNNQ7W

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3835e719bc4fe2d88680e92ba146e0f54656d236af12dd1a90bb91628ee4317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70845
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H3 200 aulus_728x90_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/11207411921136063200/images/ Frame 2CCE 2 MB
2 MB 23ms
22ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/images/aulus_728x90_DE_atlas_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 09:59:37 GMT
x-content-type-options: nosniff
age: 216938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173118
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Apr 2024 09:59:37 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AFE 0
0 63ms
62ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8c4THMxKn9hEX17hT227693J_3M44dpSw6tFdR61Z-r9rCaWMZn5BDZKye0YogKfA2RMEGqHV1s6OuEyUbbm8un5P8ahXLKbCg4mh6U5oJ8-T0gqeIRRg4leC9lAc7E2g2E8DYVOzcs6hos--OTH1VXwhL5C9ck1cHDJp3nPjWIfrs_uGdPyUYx8NNFLtXSq6IeaeqG_rle8IEm2Xaq5kx3qa1kYJLYZWocXmGYDx__pXYfeaBw7XvdeGtrP4lg5gw2HhtUnZscdjQfbEuLOtj6GlCtkBJx1b7VO1yDsavhXxJgClX3NAh0sbtK3sVGsmnSkkNj2EK9zA39OQ1Bn6aBpIsLsf9-jB81wa0qY4kiHIKNTQ69-7PiDPuDHJSo0OPl-QfkIpzNwmJ6pErTh61E3NFb3dQmwB-JBizZcaWE4-4cBiFu_uTmHZAn2cazRk9i_SxmZqruBmxJpa2Ulc27vkiuMgaAO94VVfQo3htu9-1BD78mtPO0zmucLdVoqRzu6H0OzGQhTqPEwYtgZMW8K99oeqdti7pPP-2Ek3EutHN8V7ZcZ5XRviCPjOf-vQ6OxOlRhJruziVWG1BHtfexKSH0GdSO31OCjid-K9J3ZvfdzrSFpXcrBFYmd3kHX1SjM5_ISEFp6C1Ceb4hMC6c0eef9oxV-R7STJzAjF-7JYeG0uCuBLbHXnWRTtniNwd1TgSdPqdhi7J0oNLl3mjblPFdUQ9ZO-ru2mlu_xyeOP1GT_2Iz28xbo1HYUhwmU7SzhwsTYMMxXns0cm4DYoTjkpbThOMmhL96seL0AUK2ifUtokWs8Qt-TOcyZFk-9ANxSO8PDn7xjn61FqdRvv1Nn4KX0xOB9MymhB2lJ1bgWwplMBghcfltVgI5TESwgREoxxQBpMP0LSflNnkIouvbu5ukSOxlewydFG_9c1LPs6ZvXpvJH19PxM59gZHcLSvhZ0F4GUXLxwl9U4cRebfZpNApZT0Kr3HfWA_Tsaf51siCr-aC05QQ5BdmccsOtrAiITijLOeoBB7nr2qBwgRaMFD2Fewk7jRdPUPxrTNWLrYLhhg_OoLe1ZToTspylx95SBtq0Mbj-du1LchKF5DaqWJuJxdp6Jgbt10EDq6TufC-fpx72k3hbhDFPqkcYy3MqOORapFT7M6FVR9jycU2C8cYz7ifEri8JUqKooO4uJRIy6QAfH5seNgmHsftHtD4ndjewPDvH5_J6hoAjZyZ_5Qg&sai=AMfl-YRrjqEM-ZoDT-CFbXtz4fhd0LIEE7sDtXPuqDebmhz3_1i-fJc7aBiBewSQHzgdLYh3md2S-lW74JXZSt_hb7v-sy6faY4Bd1LXwVNaKnO9h-vym3paQkzAN8UQ8KHoSZ_FoEcbxDFLv2NVJ7awixNxV2FEZDaKOwKDqkAPSq881tsWiV4&sig=Cg0ArKJSzGiWRp7RtSkMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=321&vt=11&dtpt=200&dett=3&cstd=118&cisv=r20230418.80555&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0AF 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxuDm8gpDZMzvLMGSrASDqYnQBwAAAAA4AeAEAg&bg=!c3ClcCTNAAYfNdXmPzU7ADkAdvg8Wvfi64ubWNPVy-U_u_bRBW-PrnxNO85es3vdIqTeEbf0-ioo9O-H5zEPdsn7eOkQNvhlRrECAAAAhVIAAAACaAEHmQMVNzK2Be1yQcdEBqG36kD_SDkX4m4jk1r2cLMEFgpQsUBYMZQ7bpdsEWCgI7WHuwrI3LvxPKLJC3yRpnNR3Y6EzAx6YmQ1wKhCi7g8Cc4flfk3utGtBAO4K4JpB5_J6PjWZTGwna6lZ2qWDRRM3VOVKZwMDz7NRSkLoKlLMNMqTcgjQnRsW0ZBXjuV3Vkl5J37bLZ3HHd01XT4YdbtpOEfEcoJ1qbS7S91dPPZkXfmbVqyYnVYr8lOCwmhnUTTzIiNZRbuyVsEID51-_Cj6nQ8_QkY_Iz8jgx8pwYVWBGzAZ-8kupEuFzUafTm-V9yGm1bMeIY0hhmPntoFan6Q7onPnjm3ADkuoxO2d1WUTQTfZEfQiXWzC-xLtTufJYtVOXAJWsYp5zhEO5CBL1fxfjBMX481RkJ-w_5W7Wt7n8USdar5Nt4eaxEDWLxYQe9GojK74PA02AI5bMMbMepN7dq1gCkdWN0eK2bcGNwPKo1UK4i_pxPQRx6srli61oOrlszoHZt4cS6PcRWebnfWp1O8QhWrn8jN22-InnEwcm0LwFTkiIK608WXGBgF7mmAKjcluRjBGq7h41Y6Dz1xCJhhyS9NXdbLzDSzEv2m06cUr7ryhmje1_UykixsjrpMiaDweH0_PmQHPVY1XqQMLGHBYshPsXdH9Ci8qKLvJoXgwehR5XWwk3TPau_kua8c_6DYA-eUgbW_bvp8n5UfjG2vp4Vt76rNHn0sJ-8cA2qYxXyi3LR2KQVgR2Qeb6yN3N3ifMS6csS5KY6sK8vSXlWw1lBl-e6LOPW8rizPGvjYHNyZlTbwnaj9oL6Z8sbK32BPWXo2NVvwCASIY8LPN9A99BaExDHdwQYwFOpmgC_uI9Pe7g9BY3kTZZAkgKXcxT7nR9fVZoAhv6YE-y7l1i-RvputttICZqWGkCqF5k5KRT9EjOIoJJyyTuKEBDYcRmqAEMvwRGxWemW34z0XWtXsKxq3jKrBQFgfAKo-3l9gNzgaQewFvNJ8XzyNI9EHZeZFTbEyAn7woX_GdVROggZ0ht84HbT

Requested by

Host: es360.com.br
URL: https://es360.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-band-2022-v2.png
pubimg.band.uol.com.br/Files/ Frame 42A2 5 KB
5 KB 882ms
488ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/logo-band-2022-v2.png?v2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 96e519229feb7549d189ac77807b5d3e87409c59969418fbd014dd7e143eb62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 5943
x-powered-by
x-cache: HIT
content-length: 4824
last-modified: Fri, 11 Nov 2022 13:51:45 GMT
server: nginx
etag: "1bd380bcd4f5d81:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 433327557 535597079
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 b0114e0e8fbf44c96c3c.png
pubimg.band.uol.com.br/files/ Frame 42A2 28 KB
29 KB 882ms
489ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/b0114e0e8fbf44c96c3c.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 5aaa742fafffa743547cd71851a5d4a410c55459c0a10f3f28a759ff7fb514db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 1177
x-powered-by
x-cache: HIT
content-length: 29127
last-modified: Fri, 30 Apr 2021 14:22:29 GMT
server: nginx
etag: "91db6440cc3dd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 570149761 567622383
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 48e91b059744c3a031cf.png
pubimg.band.uol.com.br/files/ Frame 42A2 19 KB
19 KB 1140ms
747ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/48e91b059744c3a031cf.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: bb97d9e11cbe43a6dc611277fc2228e1ba186c2ed08371d4e4f078cf0a1d0ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 81534
x-powered-by
x-cache: HIT
content-length: 19576
last-modified: Wed, 01 Sep 2021 13:47:06 GMT
server: nginx
etag: "8cd12fda379fd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 1066423067 1039612700
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 b68bc843684d9a97822c.png
pubimg.band.uol.com.br/files/ Frame 42A2 28 KB
29 KB 1141ms
747ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/b68bc843684d9a97822c.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 5aaa742fafffa743547cd71851a5d4a410c55459c0a10f3f28a759ff7fb514db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 3526
x-powered-by
x-cache: HIT
content-length: 29127
last-modified: Fri, 30 Apr 2021 14:23:29 GMT
server: nginx
etag: "73637e64cc3dd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 577015768 572926802
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 bandfm-live.png
pubimg.band.uol.com.br/Files/ Frame 42A2 42 KB
42 KB 1140ms
747ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/bandfm-live.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 3706a5e485aab74e92c27bd0fa10327a26867d3e404e5403929392dc6c1e0e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 81099
x-powered-by
x-cache: HIT
content-length: 42838
last-modified: Fri, 05 Mar 2021 13:22:45 GMT
server: nginx
etag: "8e6651a1c211d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 1064663048 1047235372
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 nativa-aovivo.png
pubimg.band.uol.com.br/Files/ Frame 42A2 15 KB
15 KB 1140ms
747ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/nativa-aovivo.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 26e61a717e74f7630aa6c9bd8e73e7ec66a0f873550e8266159a6ed80c841682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 84554
x-powered-by
x-cache: HIT
content-length: 14887
last-modified: Mon, 08 Mar 2021 12:56:45 GMT
server: nginx
etag: "47cb5f7e1a14d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 596984176 561958296
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 play-aovivo.png
pubimg.band.uol.com.br/Files/ Frame 42A2 31 KB
31 KB 388ms
387ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/play-aovivo.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 030bb0dac75d2f783ee81c602f4e4703676e6ac60769c44e02e7e48a61c155c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: CacheUOL
age: 83394
x-powered-by
x-cache: HIT
content-length: 31769
last-modified: Thu, 04 Mar 2021 14:05:43 GMT
server: nginx
etag: "87dd3d77ff10d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 529979507 502379471
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 Educadora.png
pubimg.band.uol.com.br/Files/ Frame 42A2 84 KB
84 KB 388ms
388ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/Educadora.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 91fe360f6381048dae14a5b250747b97355e0f5c520bf2376b78a45e399e15b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: CacheUOL
age: 85834
x-powered-by
x-cache: HIT
content-length: 85952
last-modified: Fri, 26 Feb 2021 15:06:06 GMT
server: nginx
etag: "76d595e850cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 553998701 528563643
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 StereoVale.png
pubimg.band.uol.com.br/Files/ Frame 42A2 115 KB
115 KB 416ms
415ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/StereoVale.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: c2409acddd1f29ce36ef1770d6741389980ca6c5cb73780dbd9d64e292424965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: CacheUOL
age: 80895
x-powered-by
x-cache: HIT
content-length: 117545
last-modified: Fri, 26 Feb 2021 15:06:07 GMT
server: nginx
etag: "52823e950cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 1071630991 1046750262
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 BandVale.png
pubimg.band.uol.com.br/Files/ Frame 42A2 78 KB
78 KB 572ms
572ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/BandVale.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 8f5a097ac507264e5c7c4aa4dc9a059909579bb110b4495bb9e2a3bb7107e9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: CacheUOL
age: 84348
x-powered-by
x-cache: HIT
content-length: 79736
last-modified: Fri, 26 Feb 2021 15:06:06 GMT
server: nginx
etag: "f39379e850cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 567044774 541799504
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 webalert-notification.js Show response
www.band.uol.com.br/ Frame 42A2 62 KB
16 KB 219ms
218ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/webalert-notification.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 09c1346734a33e14ebabf2e138b89cb5743842fa932adb587a5d039a5ce7bc4a

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:10 GMT
server: nginx
age: 70571
etag: W/"f892-187a119b924"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 15750

GET
H2 200 user-band.js Show response
www.band.uol.com.br/ Frame 42A2 3 KB
2 KB 221ms
220ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/user-band.js?v=1
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: e016658e02001b5d30c4e2b83f9149c0eb77400c36584203c56799330882111d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 69334
etag: W/"bac-187a119b724"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 1422

GET
H2 200 runtime.56b646993ef0fce6.js Show response
www.band.uol.com.br/ Frame 42A2 7 KB
4 KB 221ms
220ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/runtime.56b646993ef0fce6.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: f6361e111e0ea8fc8fefa7e64c8b1481bfe492de9a30f672e7cfa498e582285d

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 80273
etag: W/"1d0d-187a119b47f"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 4271

GET
H2 200 polyfills.985b9b7207fd4acd.js Show response
www.band.uol.com.br/ Frame 42A2 33 KB
12 KB 220ms
219ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 2ab5cebfa08bd247fd529bf1e1bf8d12558ee2a537df9bbc56cd49968249a9b4

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:49:49 GMT
server: nginx
age: 17481
etag: W/"8446-187a112fd48"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 11986

GET
H2 200 main.ce7b247b44d2e6be.js Show response
www.band.uol.com.br/ Frame 42A2 893 KB
248 KB 430ms
430ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 9d97603d9977b79f83f46952d31d0e71682406c0b2b7dbb0619cc26bb5e58482

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:08 GMT
server: nginx
age: 9971
etag: W/"df55b-187a119b387"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 253198

GET
H2 200 ca341df93b2255387644.png
pubimg.band.uol.com.br/files/ Frame 42A2 459 KB
460 KB 1109ms
746ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/ca341df93b2255387644.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: e0e711075ab0cd7c921c804f3b2be8b8d1f02b6826fe04b48d66ef0ff90da48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
via: CacheUOL
age: 84167
x-powered-by
x-cache: HIT
content-length: 470070
last-modified: Mon, 07 Jun 2021 16:19:09 GMT
server: nginx
etag: "9b363bd8b85bd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 612216127 603959724
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
DATA 200
OK truncated
/ Frame 42A2 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logotipo-band.png
pubimg.band.uol.com.br/Files/ Frame 42A2 1 KB
2 KB 410ms
403ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/logotipo-band.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 7db041d594ec994e63f9fd385dc1cfaf73d6a890801a425ef9baa8a827fb8d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: CacheUOL
age: 15572
x-powered-by
x-cache: HIT
content-length: 1249
last-modified: Fri, 06 Jan 2023 16:28:42 GMT
server: nginx
etag: "622d4f1eb21d91:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 512255351 513062572
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ Frame 42A2 37 KB
15 KB 355ms
24ms Script
application/x-javascript 2600:9000:2057:c600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 75893
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Nw3YKA46kwEfw3f3kI9ryZIuAjTP4OZlZF3gjKGNGsoo_FrNayq1Sw==
expires: Sat, 22 Apr 2023 01:10:22 GMT

GET
DATA 200
OK truncated
/ Frame 42A2 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 42A2 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 open-sans-regular-700.2989948cfe13ef3a.woff2
www.band.uol.com.br/ Frame 42A2 15 KB
15 KB 710ms
708ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/open-sans-regular-700.2989948cfe13ef3a.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:49:49 GMT
server: nginx
age: 11075
etag: W/"3ad0-187a112fd48"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 15056

GET
H2 200 fa-solid-900.16e3d2f09772104e.woff2
www.band.uol.com.br/ Frame 42A2 78 KB
79 KB 923ms
921ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/fa-solid-900.16e3d2f09772104e.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 11078
etag: W/"139ac-187a119b7bb"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 80300

GET
H2 200 open-sans-regular-400.c40573de9ca1be01.woff2
www.band.uol.com.br/ Frame 42A2 14 KB
14 KB 709ms
708ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/open-sans-regular-400.c40573de9ca1be01.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 11046
etag: W/"382c-187a119b437"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 14380

GET
H2 200 fa-brands-400.18993be87e4334f7.woff2
www.band.uol.com.br/ Frame 42A2 77 KB
77 KB 923ms
922ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/fa-brands-400.18993be87e4334f7.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:57:10 GMT
server: nginx
age: 11078
etag: W/"1327c-187a119b910"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 78460

GET
H2 200 open-sans-regular-600.5617f7b9fa4501c1.woff2
www.band.uol.com.br/ Frame 42A2 15 KB
15 KB 923ms
922ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/open-sans-regular-600.5617f7b9fa4501c1.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:57:08 GMT
server: nginx
age: 11078
etag: W/"3a20-187a119b3af"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 14880

GET
H2 200 open-sans-regular-300.4fac6109af8555e6.woff2
www.band.uol.com.br/ Frame 42A2 15 KB
15 KB 923ms
922ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/open-sans-regular-300.4fac6109af8555e6.woff2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Request headers

Referer: https://www.band.uol.com.br/styles.30f20542e2f548b2.css
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 11078
etag: W/"3a54-187a119b75b"
x-powered-by: Express
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 14932

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 42A2 261 KB
86 KB 257ms
257ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7NE0W89XE2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38938851-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91d33f9d8c51446cac0d15fe1dab834d7a5d22b8d4cca68fc4f214a67c89f873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 42A2 49 KB
20 KB 221ms
221ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38938851-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 20:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 22:35:44 GMT

GET
H2 200 rpc.html Show response
user.band.com.br/ Frame 3909 8 KB
3 KB 1574ms
20ms Document
text/html 192.229.221.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://user.band.com.br/rpc.html
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/user-band.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.240 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE9) / ASP.NET
Resource Hash: 97b101ceda5073002eec6f045971aa4d535a3ca5a73125cef87ec2352a442500

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18782592
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3112
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 22:15:17 GMT
etag: W/"215f-18342588223"
last-modified: Thu, 15 Sep 2022 18:10:40 GMT
server: ECAcc (frc/4CE9)
vary: Accept-Encoding
x-cache: HIT
x-policy: PADRAO - V85 - 100423
x-powered-by: ASP.NET

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.2.4/ Frame 42A2 11 KB
4 KB 269ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.4/firebase-app.js

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/webalert-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013deeec837f58b15d19f79b6dc4eb844e26edc6425c3bc95078413fff257397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3849
x-xss-protection: 0
last-modified: Thu, 27 Jun 2019 23:53:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 03:45:42 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 42A2 118 KB
46 KB 223ms
29ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MDZ2K9X

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBNNQ7W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab9fab043feea6a3abfe0464ead0807b86ad73935688c8de4137965c239d8157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H2 200 hotjar-2239427.js Show response
static.hotjar.com/c/ Frame 42A2 9 KB
4 KB 213ms
21ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2239427.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBNNQ7W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

61200b4b8102640ba15907334bc261c78da4d4a920122026a15c6946bfd7b450

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 22:15:06 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 9
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/0b1f464d4f94b449a3a48109a26268f8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Mkut1Bue0A6O3b8dxULXLv5bpjDfEh-jTxW2tycoiXThzMKP8Ctppw==

GET
H2 200 46aa3228dda4bdd8a1bb393f132073cd.js Show response
api.cazamba.com/ Frame 42A2 405 B
647 B 216ms
27ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cazamba.com/46aa3228dda4bdd8a1bb393f132073cd.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBNNQ7W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e4f688b0da81360677c6a6dc620761a4bdf4237f9c652001bea33d1d0c587710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
x-amz-version-id: U7SJky_QirayY7a4nHB1I6CxKqyvCGnn
last-modified: Wed, 25 May 2022 16:44:23 GMT
server: AmazonS3
x-amz-request-id: XV5CPYQ68CMFDSY3
etag: "7303d30dc17299bf2f2c16f841b0f109"
x-hw: 1682115315.cds108.fr8.hn,1682115315.cds259.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, no-cache,no-transform,must-revalidate
accept-ranges: bytes
content-length: 281
x-amz-id-2: nEV5kxoUeoVOFR9AV8CuvWE/dd+oiPDb+A5oiLfyGKY9BgnqK6W6gsYLWJIXgC+IArYii99/Cvs=

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 42A2 14 KB
5 KB 220ms
32ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1462
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bb8fc142dd4994b-FRA
expires: Fri, 21 Apr 2023 22:50:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F938 42 B
64 B 176ms
175ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV49CNR8CWnMA0oSAMYrZjUpwwd8FVQuoJShksw6WXg8w14DENk2dIkYe46eo8COv3PUxaFM4DFf2qjLAnFzc2EL-i85tkqcAzTDtGEPBUCYJfLS36&sig=Cg0ArKJSzJomCor-lqB-EAE&id=lidar2&mcvt=1004&p=166,315,416,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3173121328&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682115314074&rpt=565&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame A660 197 B
837 B 316ms
22ms Document
text/html 2600:9000:2251:4a00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=clgmlk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4a00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
age: 56
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Fri, 21 Apr 2023 22:14:19 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Fri, 21 Apr 2023 22:24:19 GMT
last-modified: Mon, 04 Jan 2021 18:03:21 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id: YN9jHHbMKJWr0d1b7wfe82-qpr59n1HLTjezkUvPfmWgAaJd9Z9lSQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 Prebid.js Show response
tm.jsuol.com.br/modules/external/ Frame 42A2 327 KB
104 KB 26ms
26ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=clgmlk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 051ac3a3782c01b58a8ea3bd27684cf16b0f64aaa57d1ca8d0267a00621215fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:01:16 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 839
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 105631
last-modified: Tue, 07 Mar 2023 16:11:28 GMT
server: marrakesh 1.16.6
etag: ee09dbaea021f1ebfb2cecb58204ec25
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 8LGHAmi8CQwFjdcXUojCLjtrEpGjiv957d3zGyDxhwCCNBve0JsJLQ==
expires: Fri, 21 Apr 2023 23:01:16 GMT

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame 845A 2 KB
1 KB 346ms
38ms Document
text/html 2600:9000:2127:b600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef0c7504e5fd7d49af153da667763058646be7b975b920d7f97df0aaa1fcb841

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74350
content-encoding: gzip
content-type: text/html
date: Fri, 21 Apr 2023 01:48:27 GMT
etag: W/"0fd96a8648c772815db11e0694442f69"
last-modified: Mon, 02 Jan 2023 16:14:47 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-id: ZqRTN-YmjcHCquGfYCnewzlozrEi_pmZBIYvZ-0tMPyuibKuzRgo9w==
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ Frame 42A2 8 KB
4 KB 35ms
35ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=clgmlk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: b32359ec94158e5ca101115130040f90731766aa1e859b3557f9968144f16c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:30:23 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2692
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 2949
last-modified: Mon, 20 Mar 2023 13:57:12 GMT
server: marrakesh 1.16.6
etag: 37698a3d6ebd58846a486379c4ea4d23
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: zn6Tkf8Q6eBzG8ry38hicGPFetszKRrRgVfBO-nkCUDQ-9z4jz5Giw==
expires: Fri, 21 Apr 2023 22:30:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AFE 42 B
64 B 59ms
58ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZUqA255tKqvo63DzKclfoFMXuj2oc_48hXDiD3baOGnL4cA-EajOXv3ae6-29393QXNG6AXI-lm2w7pcKIm1RPdeBHn_QZpVmrq5QxWdyTmuibaIPi3WzfOsj&sai=AMfl-YQ-SSQoxGdY-F5lcqYAZsNGV3iCb57MQe8jixzmHGeuuhjxIaqDE68FHCs0SDwl7Bb4wI_tkWX3LClx&sig=Cg0ArKJSzErSlTurjkOxEAE&cid=CAQSGwBygQiDYBO27wNObNlH0KzvdN8PBw9a2F4-lRgB&id=lidar2&mcvt=1035&p=0,0,90,728&mtos=720,1035,1035,1035,1035&tos=720,315,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682115314397&rpt=494&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3af729e1390c31850528.js Show response
script.hotjar.com/ Frame 42A2 261 KB
68 KB 111ms
32ms Script
application/javascript 65.9.95.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3af729e1390c31850528.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2239427.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-21.prg50.r.cloudfront.net

Software

Resource Hash

053d91350c461f9bb575c22e2be01f990429addd476b87aea57c4b882dfa002a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 31569
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68732
last-modified: Fri, 21 Apr 2023 13:29:00 GMT
etag: "56e75754cb5d7b057018594e30193ba6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vrAHtO8DbdN3g1CuemY9ObU2OlFKBeXTDwDe4riIjyiBnvLMFODLIg==

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.2.4/ Frame 42A2 32 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.4/firebase-messaging.js

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/webalert-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8748
x-xss-protection: 0
last-modified: Thu, 27 Jun 2019 23:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 11:23:35 GMT

GET
H2 200 czmb.min.js Show response
api.cazamba.com/common/ Frame 42A2 105 KB
33 KB 38ms
37ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cazamba.com/common/czmb.min.js
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/46aa3228dda4bdd8a1bb393f132073cd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: gzip
x-amz-version-id: VqCIYLFA9K3Y98t7mA4Tr4UkJwF3jmzR
last-modified: Tue, 23 Feb 2021 19:11:35 GMT
server: AmazonS3
x-amz-request-id: 6ZFY4RBK5YDQ8KDP
etag: "fd80cc799e36e281e75205cb74648bb1"
x-hw: 1682115315.cds108.fr8.hn,1682115315.cds160.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, no-transform, public, no-cache,no-transform,must-revalidate
accept-ranges: bytes
content-length: 33535
x-amz-id-2: cKwNzWOhULr53b4VwmvrRjkSLOyx/UN/exgRRdw1RHOncw3hwjSlzKEsqLT3NpOnTJA8TLcC19g=

GET
H2 200 82721 Show response
tag.navdmp.com/u/ Frame 42A2 500 B
529 B 159ms
159ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/82721
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57bbdfb8b83d64050aee4f1c4a21f230e5c92e3cdc92eda755733c6f5da1560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Jun 2022 18:11:35 GMT
server: cloudflare
etag: W/"62acc3d7-1f4"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bb8fc14fe63994b-FRA
expires: Fri, 21 Apr 2023 23:15:16 GMT

GET
H2 200 ping
ping.chartbeat.net/ Frame 42A2 43 B
201 B 373ms
118ms Image
image/gif 100.25.247.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=band.uol.com.br&p=%2Fradios%2Fbandnews-fm%2Fvitoria&u=Co_3TcNaTJCIfOT_&d=band.uol.com.br&g=62968&g0=NovoPortal&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1983&o=321&w=700&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fes360.com.br%2F&PA=https%3A%2F%2Fwww.band.uol.com.br%2Fradios%2Fbandnews-fm%2Fvitoria&b=2757&t=DLNvuWDWwCQvD6wG2fkcOzVDrKb_S&V=139&i=BandNews%20FM%20Vit%C3%B3ria&tz=0&sn=1&sv=D_rqnsDx9DJJCAgqjqP1xEKCPU6eG&sr=https%3A%2F%2Fes360.com.br%2F&sd=1&im=066b0f7f&_
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.247.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-247-168.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:15:16 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 42A2 171 B
561 B 216ms
62ms XHR
application/json 81.17.55.112
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.band.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.band.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 42A2 137 B
1 KB 21ms
21ms XHR
application/json 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

f6c11e77e31ebebf9c0387532124ef9a473943891f180e68008957174b75fd5f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.band.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:16 GMT
AN-X-Request-Uuid: 18e14c27-ab7b-41ae-8197-e438562a53ba
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.band.uol.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 42A2 173 B
407 B 249ms
89ms XHR
application/json 3.69.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.213.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-213-122.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2be1dc67de3a0c5d94cefb9af7bc2607481fd0c2656796c364d7e9b7571e742f

Request headers

Referer: https://www.band.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:16 GMT
content-encoding: gzip
x-prebid: pbs-java/1.116.0
content-type: application/json
access-control-allow-origin: https://www.band.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AFE 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5517291344368&version=m202301230201&ct=119&x=1&cor=7026147900333774000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ Frame 42A2 359 B
430 B 172ms
162ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=82721&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d868b434e43d5967c5f3787fb4317f2b7f9a3d8b6fadb48cf6020bcad3421a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Apr 2023 22:15:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7bb8fc162fae994b-FRA
expires: Fri, 21 Apr 2023 23:15:16 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame A660 4 KB
2 KB 24ms
24ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:28:12 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2824
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
last-modified: Tue, 05 Jan 2021 18:00:13 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: bbsE-o4oaBufv7ggdHC2U0sh-2klGSclERe4QkhNtlA9SwTRcF3pww==
expires: Fri, 21 Apr 2023 22:28:12 GMT

GET
H2 200 1817.169f467fb3e6862b.js Show response
www.band.uol.com.br/ Frame 42A2 32 KB
7 KB 534ms
534ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/1817.169f467fb3e6862b.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/runtime.56b646993ef0fce6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: a0483e82a75d97c81daa0de54dd16e02e2dfdba06a0b0e76266b5b0036b4e145

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:08 GMT
server: nginx
age: 12804
etag: W/"81b8-187a119b373"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 6856

GET
H2 200 6747.77963441f43507a8.js Show response
www.band.uol.com.br/ Frame 42A2 5 KB
2 KB 534ms
533ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.band.uol.com.br/6747.77963441f43507a8.js
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/runtime.56b646993ef0fce6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: 293e05ba595e7b7af22917de137e38aecb7ae252c23b2be96d0701d80d967c49

Request headers

Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Origin: https://www.band.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 66375
etag: W/"1478-187a119b788"
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
content-length: 1602

GET
H2 200 / Show response
udr.uol.com.br/ Frame 42A2 142 B
621 B 425ms
282ms Fetch
application/json 2600:9000:236e:7000:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/?scopes=base-assinantes,user-preferences,corporate,inscriptions
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:7000:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 44b427cb2ddf6b79a8edff130e504b40704f8d665697d7870de8bbfc10e4b965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA60-P1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.band.uol.com.br
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
content-length: 142
x-amz-cf-id: HTX4LT7Eocfxscj6JFPlmaqSKZXYcxDB5vtpS7HuJRvAOYywJWGzsQ==

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 42A2 6 B
77 B 164ms
154ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=1296a7f52508bccb2750daadd310%7C0&acc=82721&tit=BandNews%2520FM%2520Vit%25F3ria&url=https%253A%2F%2Fwww.band.uol.com.br%2Fradios%2Fbandnews-fm%2Fvitoria&upd=1&new=1&ref=https%253A%2F%2Fes360.com.br%2F&h1=BAND%2520R%25C1DIOS
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc1748a0994b-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/ Frame 42A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79837000997
https://sync2.navdmp.com/sync?prtid=2&id=79837000997&google_gid=CAESEIp6LmAt9rWeLicT-RAaDq8&google_cver=1

6 B
57 B

161ms
152ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=79837000997&google_gid=CAESEIp6LmAt9rWeLicT-RAaDq8&google_cver=1
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc1778c2994b-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=79837000997&google_gid=CAESEIp6LmAt9rWeLicT-RAaDq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/ Frame 42A2
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=01096443-0af4-4900-8cc0-9431ba3fe1e7

43 B
129 B

474ms
465ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=01096443-0af4-4900-8cc0-9431ba3fe1e7
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7bb8fc17d900994b-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Fri, 21 Apr 2023 22:15:16 GMT
Server: MT3 830 785530e master cdg-pixel-x12 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=01096443-0af4-4900-8cc0-9431ba3fe1e7
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 21 Apr 2023 22:15:15 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/ Frame 42A2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
125 B

174ms
24ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Fri, 21 Apr 2023 22:15:16 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type: text/html
cache-control: no-store
content-length: 344

GET
H2

200

f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a
m.t.tailtarget.com/sync/TT-10162-1/ Frame 42A2
Redirect Chain

https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a
https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a?check=1

43 B
138 B

123ms
122ms

Image
image/gif

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a?check=1
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:17 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

date: Fri, 21 Apr 2023 22:15:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.t.tailtarget.com/sync/TT-10162-1/f3f2e5ca977ddd8aba4d2c508f2d2ecaa5460b34a4857e3542cfc00c3d33558a?check=1
content-type: text/html
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET
H2 200 radios Show response
api2radios.band.uol.com.br/ Frame 42A2 29 KB
30 KB 1245ms
252ms XHR
application/json 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://api2radios.band.uol.com.br/radios
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express, ASP.NET
Resource Hash: a5d1d91357777bed7301a1a79dc0b715e63a576781a658037fa166ec4ff986dd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.band.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:17 GMT
via: CacheUOL
server: nginx
age: 0
etag: W/"750d-LvQ7Kkhu8eGvQ8peaGtDIAoofCU"
x-powered-by: Express, ASP.NET
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-varnish: 573638885
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29965

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ Frame 42A2 0
546 B 1139ms
213ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:18 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Connection: close
Expires: Fri, 21 Apr 2023 22:15:17 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame B627 213 B
846 B 23ms
22ms Document
text/html 2600:9000:2251:4a00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4a00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
age: 45
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Fri, 21 Apr 2023 22:14:32 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Fri, 21 Apr 2023 22:24:32 GMT
last-modified: Mon, 20 Mar 2023 13:57:12 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id: er_L1_ZbS6wSSe_mEJ5GI1l3IFHmT1rLh_gB9N3Ux988wesoMnEqRQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 502F 213 B
845 B 22ms
21ms Document
text/html 2600:9000:2251:4a00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4a00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
age: 59
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Fri, 21 Apr 2023 22:14:32 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Fri, 21 Apr 2023 22:24:17 GMT
last-modified: Tue, 05 Jan 2021 18:00:14 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id: 7iAFPcKug4i3wpff1b75FpvLdVccihUUMW83qCxyj7uBxPMG_ebxAQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame B627 43 KB
10 KB 22ms
22ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:42:20 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1977
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.16.6
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: VtBKqy-SJBw7KFdAexO7GbLd6fSh1T5xfZn6A17F7RW_-wUUQTMseg==
expires: Fri, 21 Apr 2023 22:42:20 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 502F 43 KB
10 KB 22ms
22ms Script
application/javascript 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:42:20 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1977
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.16.6
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: UgpJEhSEocESSXe8rV2oYUgZLR-QD8-1opHQ-NAio3-QdUOvBtaPzg==
expires: Fri, 21 Apr 2023 22:42:20 GMT

GET
H2 200 hls.js@latest Show response
cdn.jsdelivr.net/npm/ Frame 42A2 364 KB
110 KB 106ms
37ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@latest

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/1817.169f467fb3e6862b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a7088f1c0e665e917c3bec87c8515d678570f07773a1dc4aa8fb9f70932a912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21830
x-jsd-version: 1.4.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"5aec0-8Hymx63ulrVkunP2vEhHx4OgtTI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaS39v2S2emWfYgzFAcfTNlOQqx8F3uthHg7EkuVXgFnCuJLvOqyGtwQaFuXgI%2FnavDDkDsWs%2BJRq3D6yAycG38LtySc2KXKL%2BaCdKEgrMPZfJ375VxPv%2BYFlvP5JPCPkVOcZVa6fWKZJ7wmRJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bb8fc245930bb85-FRA

GET
H2 200 logo-band-2022-v2.png
pubimg.band.uol.com.br/Files/ Frame 42A2 5 KB
5 KB 214ms
213ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/logo-band-2022-v2.png?v2
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 96e519229feb7549d189ac77807b5d3e87409c59969418fbd014dd7e143eb62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 7349
x-powered-by
x-cache: HIT
content-length: 4824
last-modified: Fri, 11 Nov 2022 13:51:45 GMT
server: nginx
etag: "1bd380bcd4f5d81:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 636334579 624349827
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 b0114e0e8fbf44c96c3c.png
pubimg.band.uol.com.br/files/ Frame 42A2 28 KB
29 KB 212ms
211ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/b0114e0e8fbf44c96c3c.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 5aaa742fafffa743547cd71851a5d4a410c55459c0a10f3f28a759ff7fb514db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 36027
x-powered-by
x-cache: HIT
content-length: 29127
last-modified: Fri, 30 Apr 2021 14:22:29 GMT
server: nginx
etag: "91db6440cc3dd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 538419089 520924640
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 48e91b059744c3a031cf.png
pubimg.band.uol.com.br/files/ Frame 42A2 19 KB
19 KB 213ms
212ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/48e91b059744c3a031cf.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: bb97d9e11cbe43a6dc611277fc2228e1ba186c2ed08371d4e4f078cf0a1d0ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 3284
x-powered-by
x-cache: HIT
content-length: 19576
last-modified: Wed, 01 Sep 2021 13:47:06 GMT
server: nginx
etag: "8cd12fda379fd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 567168269 570144859
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 b68bc843684d9a97822c.png
pubimg.band.uol.com.br/files/ Frame 42A2 28 KB
29 KB 214ms
213ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/files/b68bc843684d9a97822c.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 5aaa742fafffa743547cd71851a5d4a410c55459c0a10f3f28a759ff7fb514db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 48428
x-powered-by
x-cache: HIT
content-length: 29127
last-modified: Fri, 30 Apr 2021 14:23:29 GMT
server: nginx
etag: "73637e64cc3dd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 562778227 547401144
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 bandfm-live.png
pubimg.band.uol.com.br/Files/ Frame 42A2 42 KB
42 KB 213ms
212ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/bandfm-live.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 3706a5e485aab74e92c27bd0fa10327a26867d3e404e5403929392dc6c1e0e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 86074
x-powered-by
x-cache: HIT
content-length: 42838
last-modified: Fri, 05 Mar 2021 13:22:45 GMT
server: nginx
etag: "8e6651a1c211d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 563881594 522419183
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 nativa-aovivo.png
pubimg.band.uol.com.br/Files/ Frame 42A2 15 KB
15 KB 417ms
416ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/nativa-aovivo.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 26e61a717e74f7630aa6c9bd8e73e7ec66a0f873550e8266159a6ed80c841682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 85133
x-powered-by
x-cache: HIT
content-length: 14887
last-modified: Mon, 08 Mar 2021 12:56:45 GMT
server: nginx
etag: "47cb5f7e1a14d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 531614737 502712040
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 play-aovivo.png
pubimg.band.uol.com.br/Files/ Frame 42A2 31 KB
31 KB 217ms
216ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/play-aovivo.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 030bb0dac75d2f783ee81c602f4e4703676e6ac60769c44e02e7e48a61c155c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 85499
x-powered-by
x-cache: HIT
content-length: 31769
last-modified: Thu, 04 Mar 2021 14:05:43 GMT
server: nginx
etag: "87dd3d77ff10d71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 550270987 534453907
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 Educadora.png
pubimg.band.uol.com.br/Files/ Frame 42A2 84 KB
84 KB 216ms
216ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/Educadora.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 91fe360f6381048dae14a5b250747b97355e0f5c520bf2376b78a45e399e15b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 20764
x-powered-by
x-cache: HIT
content-length: 85952
last-modified: Fri, 26 Feb 2021 15:06:06 GMT
server: nginx
etag: "76d595e850cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 16707120 11903959
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 StereoVale.png
pubimg.band.uol.com.br/Files/ Frame 42A2 115 KB
115 KB 414ms
414ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/StereoVale.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: c2409acddd1f29ce36ef1770d6741389980ca6c5cb73780dbd9d64e292424965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 84994
x-powered-by
x-cache: HIT
content-length: 117545
last-modified: Fri, 26 Feb 2021 15:06:07 GMT
server: nginx
etag: "52823e950cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 573938296 538268045
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 BandVale.png
pubimg.band.uol.com.br/Files/ Frame 42A2 78 KB
78 KB 216ms
216ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubimg.band.uol.com.br/Files/BandVale.png
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/main.ce7b247b44d2e6be.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx /
Resource Hash: 8f5a097ac507264e5c7c4aa4dc9a059909579bb110b4495bb9e2a3bb7107e9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
via: CacheUOL
age: 83366
x-powered-by
x-cache: HIT
content-length: 79736
last-modified: Fri, 26 Feb 2021 15:06:06 GMT
server: nginx
etag: "f39379e850cd71:0"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-varnish: 510582526 505362225
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type, soapaction

GET
H2 200 icon-opt-in.png
www.band.uol.com.br/assets/shared/opt-in/ Frame 42A2 2 KB
2 KB 365ms
364ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.band.uol.com.br/assets/shared/opt-in/icon-opt-in.png
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: alunosonline.com.br
Software: nginx / Express
Resource Hash: c4af0610e2c97ccc7e950f4a36211b85429de43cf5b0069bc4331e644568bd56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/radios/bandnews-fm/vitoria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:18 GMT
last-modified: Thu, 20 Apr 2023 23:57:09 GMT
server: nginx
age: 70237
etag: W/"887-187a119b4ef"
x-powered-by: Express
x-cache: HIT
content-type: image/png
cache-control: public, max-age=31536000
x-policy: PADRAO - V85 - 100423
accept-ranges: bytes
content-length: 2183

GET
H/1.1 200
OK playlist.m3u8 Show response
evpp.mm.uol.com.br/band/bandnewsfm_vit/ Frame 42A2 105 B
649 B 1069ms
223ms XHR
application/vnd.apple.mpegurl 186.234.127.82
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://evpp.mm.uol.com.br/band/bandnewsfm_vit/playlist.m3u8
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.127.82 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 2792b58c90b8b7fc572d850dafcf94b8ac1dbf2ae4afa323986782ce24b5c60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:19 GMT
Content-Encoding: gzip
Server: nginx
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 117

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 42A2 105 KB
31 KB 75ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.min.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2590696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31378
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPThT2j4mfUvsLjbQ7aeX2FHJvp7lKdZUiKiAG1UWzrN%2FlfRb685nH%2BJyhixvD53ceOl%2FqZLU%2FwJzvi57d7VGEENUUZanrz%2BfixnBY%2BUGyYwEPDR1I4iaTqtxteSvMpsaFVqIaI3R%2F%2FTPKeREh473PJq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bb8fc2808fe37e6-FRA
expires: Wed, 10 Apr 2024 22:15:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 42A2 4 KB
2 KB 97ms
29ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:36:45 GMT
content-encoding: gzip
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 45515
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: v2W6n4xjEYinWsmO9iDgYkPlByCp6CUoqLGQ4kq8z3nZBhuHwdtUVg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 42A2 360 KB
121 KB 106ms
39ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123415
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:15:19 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 42A2 49 KB
20 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 20:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5975
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 22:35:44 GMT

GET
H2 200 rm Show response
as.cazamba.com/ Frame 42A2 585 B
1 KB 424ms
144ms Script
text/javascript 52.71.154.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/rm?token=&r=35043343511&v=13&p=%2Fradios%2Fbandnews-fm%2Fvitoria&vp=false&callback=superagentCallback1682115319000586
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.154.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-154-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 49259ac88985ac895631f402be923ea89f38a4d34a7e3b97c19bcb6ef60a1a29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.band.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 204 b
sb.scorecardresearch.com/ Frame 42A2 0
225 B 43ms
43ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=16041074&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682115319088&ns_c=UTF-8&ns_if=1&c3=&c7=https%3A%2F%2Fwww.band.uol.com.br%2Fradios%2Fbandnews-fm%2Fvitoria&c8=BandNews%20FM%20Vit%C3%B3ria&c9=https%3A%2F%2Fes360.com.br%2F
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 2dxbEOhuVSfXm7yfr3HBD-2q20U3JLVV-NKK1yF7emeXnBJdpSzQ5Q==
x-cache: Miss from cloudfront

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 110ms
35ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fes360.com.br%2F&domain=www.band.uol.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.band.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.band.uol.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 21 Apr 2023 22:15:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 246330
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 42A2 2 B
378 B 104ms
35ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fes360.com.br%2F&domain=www.band.uol.com.br&cw=1&lsw=1

Requested by

Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.band.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.band.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 260640
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 84F5 52 KB
17 KB 117ms
23ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 21 Apr 2023 22:15:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 22 Apr 2023 22:15:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0AC9 281 B
554 B 85ms
21ms Document
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Apr 2023 22:15:19 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0AC9 34 KB
10 KB 45ms
45ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 461e8a81c0663f526af92991ae4f30639aca9edc356e26309b11207fe49eae68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 03:21:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18392
Connection: keep-alive
Content-Length: 10019
Expires: Sat, 22 Apr 2023 03:21:51 GMT

GET
H2 200 cs Show response
as.cazamba.com/ Frame 8843 5 KB
2 KB 116ms
116ms Document
text/html 52.71.154.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.154.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-154-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7bca4e2d6e7ec7d6015efd4f48c036b0bbe6ffb5d22490c6a4c04870d8f8f044

Request headers

Referer: https://www.band.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 22:15:19 GMT
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 84F5 0
862 B 88ms
87ms Script
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:19 GMT
AN-X-Request-Uuid: d9605f08-f33d-4ef7-bd6c-6baf47859450
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0AC9 284 B
536 B 123ms
21ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame 8843 13 KB
6 KB 86ms
20ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:11:12 GMT
content-encoding: gzip
age: 57847
x-guploader-uploadid: ADPycdvGh8jMnu3xMaRo-Dqgy1aXj4lh71uSsN2luagHSEB4PQ5zGDcY0yvTnaXuCtYYsjl-WNo6FyNYf_zVrF4kaUe3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5285
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "b6cbe044784454c3931f1d4de70a511c"
x-goog-hash: crc32c=LTf/lw==, md5=tsvgRHhEVMOTHx1N5wpRHA==
x-goog-generation: 1663611635603334
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:11:12 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 8843 14 KB
5 KB 29ms
29ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1466
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bb8fc2b5bfb994b-FRA
expires: Fri, 21 Apr 2023 22:50:53 GMT

GET
H2 200 44768 Show response
tag.navdmp.com/u/ Frame 8843 590 B
489 B 452ms
451ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/44768
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 18:14:27 GMT
server: cloudflare
etag: W/"61857483-24e"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bb8fc2b8c28994b-FRA
expires: Fri, 21 Apr 2023 23:15:19 GMT

GET
H/1.1 200
OK chunklist_w1422196855.m3u8 Show response
evpp.mm.uol.com.br/band/bandnewsfm_vit/ Frame 42A2 242 B
678 B 212ms
212ms XHR
application/vnd.apple.mpegurl 186.234.127.82
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://evpp.mm.uol.com.br/band/bandnewsfm_vit/chunklist_w1422196855.m3u8
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.127.82 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: f3ec02f736323c387904319c0bd5008dea1adc9a84a7523e73f1bab91b5a4c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:19 GMT
Content-Encoding: gzip
Server: nginx
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 146

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame 8843 93 B
393 B 152ms
121ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 05f0ecbccd078f17791dd6b064d3a05db93bc298f425e43b9d397eb4bae2a920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:19 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 23:15:19 GMT

GET
H/1.1 200
OK media_w1422196855_90114.aac Show response
evpp.mm.uol.com.br/band/bandnewsfm_vit/ Frame 42A2 80 KB
80 KB 423ms
423ms XHR
audio/x-aac 186.234.127.82
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://evpp.mm.uol.com.br/band/bandnewsfm_vit/media_w1422196855_90114.aac
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.127.82 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 82556fd1e39bcf7669059075100ec82cda525726a76310ee731aa424088ca6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:19 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: audio/x-aac
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 81878

GET
H2 200 usr Show response
usr.navdmp.com/ Frame 8843 1 KB
796 B 168ms
167ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=44768&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6701736cc6655d810fe17f98d4291899eef2f1373d7bab8db94c14c01cbdeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Apr 2023 22:15:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7bb8fc2e5e97994b-FRA
expires: Fri, 21 Apr 2023 23:15:20 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 8843 6 B
57 B 154ms
154ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=1296a7f525b46e22a66334f28e10%7C0&acc=44768&tit=CZMB&url=https%253A%2F%2Fas.cazamba.com%2Fcs%253Fpublisher_id%253D2098%2526g%253D1682115319&upd=1&new=1&ref=https%253A%2F%2Fwww.band.uol.com.br%2F
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc2f6f75994b-FRA
content-length: 6
content-type: application/x-javascript

POST
H2 200 cs Show response
as.cazamba.com/ Frame 8843 0
205 B 118ms
117ms XHR
text/html 52.71.154.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.154.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-154-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

sync Show response
sync.navdmp.com/ Frame 8843
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=red&dsp=75
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
https://sync.navdmp.com/sync?prtid=25&sclid=fb6ec8df-f80a-4364-5ae7-5466189ad19d

6 B
57 B

457ms
456ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=25&sclid=fb6ec8df-f80a-4364-5ae7-5466189ad19d
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc30381a994b-FRA
content-length: 6
content-type: application/javascript

Redirect headers

date: Fri, 21 Apr 2023 22:15:20 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.navdmp.com/sync?prtid=25&sclid=fb6ec8df-f80a-4364-5ae7-5466189ad19d
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/ Frame 8843
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZEMK_AAAAIBxBABL
https://sync.navdmp.com/sync?prtid=17&tubid=ZEMK_AAAAIBxBABL&_test=ZEMK_AAAAIBxBABL

6 B
57 B

151ms
151ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=17&tubid=ZEMK_AAAAIBxBABL&_test=ZEMK_AAAAIBxBABL
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc30b8a6994b-FRA
content-length: 6
content-type: application/javascript

Redirect headers

x-served-by: cache-hhn-etou8220051-HHN
pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682115320.413754,VS0,VE0
x-cache: HIT
location: https://sync.navdmp.com/sync?prtid=17&tubid=ZEMK_AAAAIBxBABL&_test=ZEMK_AAAAIBxBABL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK navegg.php Show response
gu.dyntrk.com/dp/ Frame 8843 0
344 B 104ms
32ms Script
text/html 162.19.80.91

General

Check archive.org

Show headers Download Go to

Full URL: https://gu.dyntrk.com/dp/navegg.php?pid=nav3gg&uid=79837000997
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.80.91 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2

200

sync Show response
sync.navdmp.com/ Frame 8843
Redirect Chain

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=79837000997?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.navdmp.com/sync?prtid=38&lotid=

6 B
57 B

154ms
154ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=38&lotid=
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bb8fc306844994b-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.navdmp.com/sync?prtid=38&lotid=
cache-control: no-cache
x-server: 10.45.23.51
content-length: 0
expires: 0

GET
H2 200 31435 Show response
tags.bluekai.com/site/ Frame 8843 62 B
227 B 223ms
162ms Script
image/gif 104.111.217.14

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/31435?id=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 21 Apr 2023 22:15:20 GMT
content-length: 62
content-type: image/gif

GET
H2 200 cm Show response
trc.taboola.com/sg/navegg/1/ Frame 8843 43 B
372 B 69ms
28ms Script
image/gif 2a04:4e42:200::300

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sg/navegg/1/cm
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220029-HHN
server: nginx
x-timer: S1682115320.274154,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ Frame 8843 0
337 B 155ms
46ms Script
text/plain 54.154.227.90

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=1296a7f52587b2da26e6fb03a310
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Fri, 21 Apr 2023 22:15:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1682115320
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
sync.navdmp.com/ Frame 8843
Redirect Chain

https://dpm.demdex.net/ibs:dpid=822&dpuuid=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fid%3D79837000997%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fid%3D79837000997%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://sync.navdmp.com/sync?id=79837000997&adID=44781267808879441841565905763096101630&img=1

43 B
95 B

156ms
156ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?id=79837000997&adID=44781267808879441841565905763096101630&img=1
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7bb8fc324a44994b-FRA
content-length: 43
content-type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v047-052142b3c.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Y8OauphBSHo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.navdmp.com/sync?id=79837000997&adID=44781267808879441841565905763096101630&img=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
sync.navdmp.com/ Frame 8843
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
https://sync.navdmp.com/sync?appNx=4729560890499072152&img=1

43 B
95 B

153ms
151ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?appNx=4729560890499072152&img=1
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7bb8fc2fefd7994b-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Fri, 21 Apr 2023 22:15:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b719d7e9-4f20-4822-b132-7d2631e03b75
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?appNx=4729560890499072152&img=1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8843 70 B
265 B 144ms
44ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 8843
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

0
316 B

32ms
31ms

Image
text/plain

185.86.138.152

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319
Protocol: HTTP/1.1
Server: 185.86.138.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 21 Apr 2023 22:15:20 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 84F5 0
862 B 21ms
20ms Script
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:15:20 GMT
AN-X-Request-Uuid: be5940bc-8f77-4c7a-a64a-f534d86e729d
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 638ad484-2bad-4741-91b3-14215e09bb17
https://www.band.uol.com.br/ Frame 42A2 364 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.band.uol.com.br/638ad484-2bad-4741-91b3-14215e09bb17
Requested by: Host: es360.com.br
URL: https://es360.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88d617a6204c4d73e67e7de15eed98917331026a167b5e4938e07e9a7d854189

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 372466
Content-Type: text/javascript

GET
H/1.1 200
OK media_w1422196855_90115.aac Show response
evpp.mm.uol.com.br/band/bandnewsfm_vit/ Frame 42A2 80 KB
80 KB 212ms
212ms XHR
audio/x-aac 186.234.127.82
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://evpp.mm.uol.com.br/band/bandnewsfm_vit/media_w1422196855_90115.aac
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.127.82 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 482b58b8daad040c1e6a3a658ae232380dd629b240bf3cbd2570d031770b29cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:20 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: audio/x-aac
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 81894

GET
DATA 200
OK truncated
/ Frame 42A2 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
70ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

bd6ea4cbe5e768b37fc832b9a477a3793e286902a46ffb6d5947171c5468bbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11104
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://es360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 22:15:20 GMT

GET
H/1.1 200
OK media_w1422196855_90116.aac Show response
evpp.mm.uol.com.br/band/bandnewsfm_vit/ Frame 42A2 80 KB
80 KB 212ms
212ms XHR
audio/x-aac 186.234.127.82
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://evpp.mm.uol.com.br/band/bandnewsfm_vit/media_w1422196855_90116.aac
Requested by: Host: www.band.uol.com.br
URL: https://www.band.uol.com.br/polyfills.985b9b7207fd4acd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.127.82 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 8bf36fce38825d230bebd5238f8dd68097c6b2f6b3420222181cd823471fd5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.band.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 22:15:21 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: audio/x-aac
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 81862

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7E8 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 19:36:07 GMT
expires: Sat, 20 Apr 2024 19:36:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FB8 783 B
966 B 30ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

028c164bd6c869f44bea124c6085a71d2de6b40cc6079a730f6d470a8a3c8434

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-amecJJsy6UAoFJ-zopxJgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://es360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-amecJJsy6UAoFJ-zopxJgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:15:21 GMT
expires: Fri, 21 Apr 2023 22:15:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame A7E8 36 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 22:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 22:32:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FB8 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=1331977944447861&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7E8 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BqxBeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:15:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 11:15:17	Name: __cf_bm Value: kSgVqxzeUcsBevIc6Ff4U3bqKRsR0DczoPtu_LWK0Ow-1682115313-0-Adr9BfL3559rFMnGcAgBsXZMQ4t7/UCN1co59TH/3bkX4N0tz1oBoqU6PQnYGyx3CWlrHKyCJgMkgwALhrYNGAI=
.es360.com.br/	1970-01-20 20:51:15	Name: _ga_5Z47YEPCP0 Value: GS1.1.1682115313.1.0.1682115313.60.0.0
.es360.com.br/	1970-01-20 20:51:15	Name: _ga Value: GA1.3.2119238327.1682115313
.es360.com.br/	1970-01-20 11:16:41	Name: _gid Value: GA1.3.1763876683.1682115314
.es360.com.br/	1970-01-20 11:15:15	Name: _gat_gtag_UA_143166139_1 Value: 1
.es360.com.br/	1970-01-20 20:36:51	Name: __gads Value: ID=86b5004c58b0197d:T=1682115313:S=ALNI_MZmlYDT_fmo2WmJOvy6N58JnNfvww
.es360.com.br/	1970-01-20 20:36:51	Name: __gpi Value: UID=00000bee154f6e93:T=1682115313:RT=1682115313:S=ALNI_Mb9HnLPbJHV2NGRYywhZE25VKPRXQ
.doubleclick.net/	1970-01-20 20:36:51	Name: IDE Value: AHWqTUnFKar-TVg9SqLMOgWewpUZ7JVgC0uTg1pHhNv2IfvCxDyeN-pet5CfFmIYgRI
.adnxs.com/	1970-01-20 13:24:51	Name: uuid2 Value: 4729560890499072152
.casalemedia.com/	1970-01-20 20:00:51	Name: CMID Value: ZEMK8lpm2qeGBfsqgRdepQAA
.casalemedia.com/	1970-01-20 13:24:51	Name: CMPS Value: 2187
.casalemedia.com/	1970-01-20 13:24:51	Name: CMPRO Value: 2187
.adnxs.com/	1970-01-20 13:24:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilatt.]!]tbPl1M>e)ZlrFUfJ+tGXxoiS`5z]a:@f^tv]RioCOS%V?waaT/F7hDw@bpRzqF1`b_cJ*/Bon
.navdmp.com/	1970-01-20 20:01:12	Name: ac3 Value: 1
.uol.com.br/	1970-01-20 20:00:51	Name: _hjSessionUser_2239427 Value: eyJpZCI6ImMxN2ViNWE4LTMxOWUtNWQ0Zi1hZGFiLWQxNTM2N2ZkYjZkYiIsImNyZWF0ZWQiOjE2ODIxMTUzMTYxNDAsImV4aXN0aW5nIjpmYWxzZX0=
.uol.com.br/	1970-01-20 11:15:17	Name: _hjFirstSeen Value: 1
.uol.com.br/	1970-01-20 11:15:15	Name: _hjIncludedInSessionSample_2239427 Value: 0
.uol.com.br/	1970-01-20 11:15:17	Name: _hjSession_2239427 Value: eyJpZCI6IjUxYzdkNTEzLTQwM2YtNDAxNy05MTIzLThhNDUyMjllZTcyYiIsImNyZWF0ZWQiOjE2ODIxMTUzMTYxNTUsImluU2FtcGxlIjpmYWxzZX0=
.uol.com.br/	1970-01-20 11:15:17	Name: _hjAbsoluteSessionInProgress Value: 0
.navdmp.com/	1970-01-20 20:51:15	Name: nid Value: 1296a7f525116c96cb79cec8d710\|1\|141
.mathtag.com/	1970-01-20 20:41:10	Name: uuid Value: 01096443-0af4-4900-8cc0-9431ba3fe1e7
.yahoo.com/	1970-01-20 20:01:12	Name: A3 Value: d=AQABBPQKQ2QCEPNE7cxTXKRuQ2SGgr944eYFEv__AP8AAAAAAOAXyiMAAAAAgA&S=AQAAArc1sWQn_R5AXsrtLfWGUPI
.udr.uol.com.br/	1970-01-20 20:00:51	Name: UOLID Value: 2115360a-c613-4494-8bd5-74785a776641\|0
.t.tailtarget.com/	1970-01-20 20:00:51	Name: u Value: fwAAAWRDCvRoNQcLC3YDAgB=
.t.tailtarget.com/	1970-01-20 11:18:08	Name: _ssc Value: y
.cazamba.com/	1970-01-20 12:41:39	Name: uid Value: 64430af753c75
.cazamba.com/	1970-01-20 11:59:53	Name: visits:1680307200:2098 Value: 1
.cazamba.com/	1970-01-20 11:59:53	Name: _czu_1_1680307200 Value: 1
.cazamba.com/	1970-01-20 11:59:53	Name: _czu_2098_1680307200 Value: 1
.cazamba.com/	1970-01-20 11:59:53	Name: lastPub Value: 2098
.cazamba.com/	1970-01-20 11:15:18	Name: synced Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.band.uol.com.br/radios/bandnews-fm/vitoria Message: The resource https://me.jsuol.com.br/aud/band.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	error	URL: https://as.cazamba.com/cs?publisher_id=2098&g=1682115319 Message: Refused to execute script from 'https://tags.bluekai.com/site/31435?id=79837000997&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9975a774f8a894059ac78cc033ac276d.safeframe.googlesyndication.com
acdn.adnxs.com
ad.sxp.smartclip.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.cazamba.com
api2radios.band.uol.com.br
as.cazamba.com
beacon.krxd.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.t.tailtarget.com
d.tailtarget.com
dpm.demdex.net
dsum-sec.casalemedia.com
es360.com.br
eus.rubiconproject.com
evpp.mm.uol.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
imasdk.googleapis.com
img.onesignal.com
m.t.tailtarget.com
match.adsrvr.org
me.jsuol.com.br
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel.mathtag.com
prebid-server.rubiconproject.com
prg.smartadserver.com
privacy-sandbox.uol.com.br
pubimg.band.uol.com.br
radios.band.uol.com.br
region1.analytics.google.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.addtoany.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync2.navdmp.com
tag.navdmp.com
tags.bluekai.com
tm.jsuol.com.br
tm.uol.com.br
token.rubiconproject.com
tpc.googlesyndication.com
tracker.bt.uol.com.br
trc.taboola.com
udr.uol.com.br
ups.analytics.yahoo.com
user.band.com.br
usr.navdmp.com
www.band.uol.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
100.25.247.168
104.111.217.14
15.197.193.217
151.101.2.49
151.139.128.10
162.19.80.91
172.217.16.194
172.217.18.2
18.66.97.53
185.80.39.216
185.86.138.152
186.234.127.82
192.229.221.240
2.18.233.201
200.147.4.47
2001:4860:4802:34::36
212.82.100.182
23.35.236.188
23.56.202.187
2600:9000:2057:c600:18:1fcd:351:7bc1
2600:9000:20eb:aa00:6:9eb2:5cc0:93a1
2600:9000:2127:a00:1:aa11:940:93a1
2600:9000:2127:b600:1e:82d4:d9c0:93a1
2600:9000:2251:4a00:6:5b96:3f00:93a1
2600:9000:236e:7000:1:bcff:6780:93a1
2606:4700:10::ac43:2794
2606:4700:3035::6815:5c4f
2606:4700::6810:5814
2606:4700::6810:df3
2606:4700::6811:190e
2606:4700::6812:d63b
2804:49c:3101:401:ffff:ffff:ffff:52
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9d
2a02:2638:3::c
2a04:4e42:200::300
3.69.213.122
3.75.62.37
34.102.185.99
35.186.194.101
35.201.123.184
37.252.171.84
52.212.178.201
52.71.154.29
54.154.227.90
54.72.3.113
65.9.95.111
65.9.95.21
69.173.144.165
81.17.55.112
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
0102d374bd3f3744190b2c7449784dd29f78679fe61017c82ef35b788087204f
013deeec837f58b15d19f79b6dc4eb844e26edc6425c3bc95078413fff257397
0277965a25f47657bbf590697b5606d5b26d0d77fa743ca21af79d460584c726
028c164bd6c869f44bea124c6085a71d2de6b40cc6079a730f6d470a8a3c8434
030bb0dac75d2f783ee81c602f4e4703676e6ac60769c44e02e7e48a61c155c6
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98
051ac3a3782c01b58a8ea3bd27684cf16b0f64aaa57d1ca8d0267a00621215fb
053d91350c461f9bb575c22e2be01f990429addd476b87aea57c4b882dfa002a
05f0ecbccd078f17791dd6b064d3a05db93bc298f425e43b9d397eb4bae2a920
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
09c1346734a33e14ebabf2e138b89cb5743842fa932adb587a5d039a5ce7bc4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7f127b617e4079ede976db4d343d3948b3bb7a2eb45bf7cff046edff5123d9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144eb8ab106e18b9914e4fc2ebef53b196edb7ee45a10afad993b7205a43584d
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
18a646b56a03e1ee71410e1654bf367c7228618409f6205d9537e33423ce11e8
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1a6701736cc6655d810fe17f98d4291899eef2f1373d7bab8db94c14c01cbdeb
1a7fa317392b38fb902decbe4257ca3193c79d48a61adf31f0ed7a18f7b2118e
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5
1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
2248db0068086bbb92bedb6fa2ad1f2dc1cf7c56b6ecba14a66ac5ba54ca5418
247228df59415e4e428ec3c48eeecf871b509aaeb7d8f2e50818a7ba41c7bc20
259e21f1c667731ce965e1c0897b071b28a8f5f1bf4581666a17eab6341fa8a9
26724330408e55ffd4478561a663a3c913681a68abb6735c4f89316c89da8f6a
26e61a717e74f7630aa6c9bd8e73e7ec66a0f873550e8266159a6ed80c841682
2792b58c90b8b7fc572d850dafcf94b8ac1dbf2ae4afa323986782ce24b5c60c
293e05ba595e7b7af22917de137e38aecb7ae252c23b2be96d0701d80d967c49
294335e67ff1981d358faeb07786e65cd79e09fd5b4710f1d1812e0d05cee94e
2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402
2ab5cebfa08bd247fd529bf1e1bf8d12558ee2a537df9bbc56cd49968249a9b4
2be1dc67de3a0c5d94cefb9af7bc2607481fd0c2656796c364d7e9b7571e742f
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f
3269faf8d1e2084fa30839ed00a109b071e79ad0724cdcca25d364d9f4d0727e
328e8ec84f2ca5c61955d15ef7f4dd07a949ed03e7e1ff58bc9b877b22c1c1ad
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3706a5e485aab74e92c27bd0fa10327a26867d3e404e5403929392dc6c1e0e61
37077fb825402cfe9eb8fc923cd1be3631875233838ffdcb40128edf8d715da0
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3d54aebe0d34ad13b6ff9faa8c2998e522dfa20020365aaf6c779e12c4af132d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
4410a85ed8242603383ec1d9b76af4341616ca16e0dec09f3b1b1230cbf30e1c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b427cb2ddf6b79a8edff130e504b40704f8d665697d7870de8bbfc10e4b965
44c324cff87e334e28fd5518756df6247770bafd4c93b044015727dea450d9a6
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
461e8a81c0663f526af92991ae4f30639aca9edc356e26309b11207fe49eae68
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469455ad8031f001a274005ce3ccf72c83aa3a1676a943eaf8ecc6c7dc42b6c9
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
482b58b8daad040c1e6a3a658ae232380dd629b240bf3cbd2570d031770b29cc
49259ac88985ac895631f402be923ea89f38a4d34a7e3b97c19bcb6ef60a1a29
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51efad84fb3eab3cd338317629668302580abcdaed877a8525a83516a247b222
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bd20ff64e2c73d4870a30755844dcd63ff4aeb044c3235ce6a8d24b2840b8a
57867970db92f0ea2de63c77a9b8ef6e8e46fbdaeb7acea81d26f74a859ce919
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5aaa742fafffa743547cd71851a5d4a410c55459c0a10f3f28a759ff7fb514db
5b984406083732916698df19b0a9907473d598f5f1659d86c8cc00a46411a427
5cc7315db26520dd79c42707fe43e17b1806a69cbd952438c48aa21fb17a8bdc
5e5c5d9b756fd56b389e2c83c7551c489eba64387434146ba45b549764fdb0b9
5e630ade354fa3ff25b807125e0daeb20fbb73e708633c6f2aa51b2ecd312fb3
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61200b4b8102640ba15907334bc261c78da4d4a920122026a15c6946bfd7b450
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
672666feb142f350fe994925df87f7e2a8bcab62473baa38252ec7521b8c2145
6a1a5929f789bfdb477a3c36f25723c2006ae5b8306bfa02caae7c4348afc7da
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d1ae912dc5b2e19d2c6bee9bde61d6a9e637f642582304ace2c91ce8171b10e
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
71b81a7312167d605b3350faf8ac81cc97ca63130e23e611504f2e997e4a3683
73710b1fb1d9e424d71516b5078cc15fca91693afaa22b9a9a9de9350c9ecb83
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7a07f37942849ffe468653f959c2c5eff570b2f67aa2b2353efd1dfd82ddd8ae
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7bca4e2d6e7ec7d6015efd4f48c036b0bbe6ffb5d22490c6a4c04870d8f8f044
7d0adab3b3a52b564eefa07cf9505e35e86fc35f2e1b80a99b097092ed031c89
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7db041d594ec994e63f9fd385dc1cfaf73d6a890801a425ef9baa8a827fb8d16
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
8219d89498c6ff397abb97fcb2e1af38b112c54569c288fa650401c84dc41ef3
82556fd1e39bcf7669059075100ec82cda525726a76310ee731aa424088ca6ed
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
87e03679ec1e4724b9a1ba57302db1e442214a966d1631e6fd871ca4a39fe43d
88d617a6204c4d73e67e7de15eed98917331026a167b5e4938e07e9a7d854189
8bf36fce38825d230bebd5238f8dd68097c6b2f6b3420222181cd823471fd5c3
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8
8f5a097ac507264e5c7c4aa4dc9a059909579bb110b4495bb9e2a3bb7107e9e4
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91d33f9d8c51446cac0d15fe1dab834d7a5d22b8d4cca68fc4f214a67c89f873
91fe360f6381048dae14a5b250747b97355e0f5c520bf2376b78a45e399e15b6
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e519229feb7549d189ac77807b5d3e87409c59969418fbd014dd7e143eb62a
97b101ceda5073002eec6f045971aa4d535a3ca5a73125cef87ec2352a442500
9a7088f1c0e665e917c3bec87c8515d678570f07773a1dc4aa8fb9f70932a912
9c01a110177775d4ad4b8936a21234effe64115c01d0a24125a4dfe7e7118b6b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d97603d9977b79f83f46952d31d0e71682406c0b2b7dbb0619cc26bb5e58482
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01bc61a8e40ed27487b58d74b77b265071033672e98b76ab414017466dec2a2
a0483e82a75d97c81daa0de54dd16e02e2dfdba06a0b0e76266b5b0036b4e145
a1e3d5bd4743410242ff9ccd03d5284734131d1314b556325108ac9a729139b6
a4056b5e2cd355544edf9f7293abc3323de55b8c0deb0ff2a1e13638767f3dca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d1d91357777bed7301a1a79dc0b715e63a576781a658037fa166ec4ff986dd
a69217d8316a77e6b5df7d4c905c42ae08b518e6548efe4adb4a4557c56c9199
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
a90592de6632dd235b7e2a658e580608358ee2c53af6142b7534fa9e40439be3
ab9fab043feea6a3abfe0464ead0807b86ad73935688c8de4137965c239d8157
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32359ec94158e5ca101115130040f90731766aa1e859b3557f9968144f16c77
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b60a916b15f73f9395ce0f41154c2da62ad7a26d1e6fac58294e6a75ef7dbf23
b832d7a4c084fe2e9228073668d6cc7506c47b736d563f23e56c8a059354e351
b8704b7012c74102e4de6ef06f5451e5ae6e78b6a57d2990eb968f9d41ec0886
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb97d9e11cbe43a6dc611277fc2228e1ba186c2ed08371d4e4f078cf0a1d0ad6
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd6ea4cbe5e768b37fc832b9a477a3793e286902a46ffb6d5947171c5468bbc5
bdb431b26a33e5c082aac8fa0bf7538e6a49407e7a7cb51f84c3b5a8f7758d68
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
c074a973f140b79ec02fc19956622488fa9c4e088ad57a348e837f9f2365e08a
c15be8d0d135fda1e2c31ce2f3c5843a81b3b4db44816e9246fa1d91298f6a47
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
c2409acddd1f29ce36ef1770d6741389980ca6c5cb73780dbd9d64e292424965
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c4af0610e2c97ccc7e950f4a36211b85429de43cf5b0069bc4331e644568bd56
c57bbdfb8b83d64050aee4f1c4a21f230e5c92e3cdc92eda755733c6f5da1560
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca338cdcc12a4780bc62305873810ff78d07fc9cc97c4e2f04b8134ae9d97155
cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e
cd09f3ae549910bee7b2ae7a0dcd0660f8c5de170448ce2f85cd93fd6d6fa365
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d3b4fe8ce5c5ef273ae3e4d0ffd69210706551212761e5a491aa27e9dcb367ad
d495cad6b4d0121b05e9f4cfdf332b4dfdb4de8c175c9fdcbc2025473b84b901
d868b434e43d5967c5f3787fb4317f2b7f9a3d8b6fadb48cf6020bcad3421a25
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcb9bc1bc78d90f71123333c57089c68c1d8133c8762ddf3cca8684f9a04c9d0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e016658e02001b5d30c4e2b83f9149c0eb77400c36584203c56799330882111d
e0e711075ab0cd7c921c804f3b2be8b8d1f02b6826fe04b48d66ef0ff90da48f
e3835e719bc4fe2d88680e92ba146e0f54656d236af12dd1a90bb91628ee4317
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4f688b0da81360677c6a6dc620761a4bdf4237f9c652001bea33d1d0c587710
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
ea05cc8ab1b71e68ecfc0c9cd64cf800181f4d8c4589650b2f285ec153341e62
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb9a08faa69a21c3961405a672f0768385ed6f67e9c6fec8a10ee38bb96826ca
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef0c7504e5fd7d49af153da667763058646be7b975b920d7f97df0aaa1fcb841
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19edb39fafced74139e21e8bb2ecbd792611ffcbeaa8875920bf0905c0deacc
f1a965322ac47090a70b6dc7c27c9165c9e3f998708dc773f45ec0375558516b
f3ec02f736323c387904319c0bd5008dea1adc9a84a7523e73f1bab91b5a4c7d
f57b13317750303374adbb47a00f3561ff33b22287494417a041bbebe605bbad
f59b3b78e5d5773a33faa8a5d30271f0ac84b44aca0bf065217d10e5ccc16a6f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60905e46dbbfdecddcaae00372a25f09954b861c323d1db7898c5802c523ba4
f6361e111e0ea8fc8fefa7e64c8b1481bfe492de9a30f672e7cfa498e582285d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f6c11e77e31ebebf9c0387532124ef9a473943891f180e68008957174b75fd5f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f95ed5bc1a6dbfa54d5f29690c65b0ba7402a3c67d2915c9431ba581896f79d2
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

es360.com.br Open in urlscan Pro 2606:4700:3035::6815:5c4f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

286 Requests

95 %HTTPS

53 %IPv6

44 Domains

81 Subdomains

63 IPs

8 Countries

9791 kBTransfer

17424 kBSize

31 Cookies

4 Outgoing links

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

es360.com.br Open in urlscan Pro
2606:4700:3035::6815:5c4f Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

95 %
HTTPS

53 %
IPv6

44
Domains

81
Subdomains

63
IPs

8
Countries

9791 kB
Transfer

17424 kB
Size

31
Cookies

286 HTTP transactions
15 data transactions