portaldosaopaulino.com.br Open in urlscan Pro
2606:4700:3036::ac43:c9b1  Public Scan

Submitted URL: http://portaldosaopaulino.com.br/
Effective URL: https://portaldosaopaulino.com.br/
Submission: On December 09 via api from US — Scanned from DE

Summary

This website contacted 47 IPs in 8 countries across 38 domains to perform 207 HTTP transactions. The main IP is 2606:4700:3036::ac43:c9b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is portaldosaopaulino.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.
This is the only time portaldosaopaulino.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 42 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
3 35.201.123.184 396982 (GOOGLE-CL...)
3 151.101.193.44 54113 (FASTLY)
2 65.9.95.81 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.65.44 54113 (FASTLY)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.212.5.247 16509 (AMAZON-02)
6 34.102.185.99 396982 (GOOGLE-CL...)
1 34.98.64.218 396982 (GOOGLE-CL...)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 167.235.142.248 24940 (HETZNER-AS)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
5 11 142.250.185.66 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 151.101.194.49 54113 (FASTLY)
2 2 213.155.156.166 1299 (TWELVE99 ...)
4 4 172.64.151.101 13335 (CLOUDFLAR...)
2 2 216.52.2.6 32475 (SINGLEHOP...)
2 104.18.36.155 13335 (CLOUDFLAR...)
3 4 185.89.210.153 29990 (ASN-APPNEX)
2 142.250.181.230 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2620:1ec:bdf::63 8075 (MICROSOFT...)
1 104.18.28.137 ()
207 47
Apex Domain
Subdomains
Transfer
42 portaldosaopaulino.com.br
portaldosaopaulino.com.br
743 KB
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
354 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
293 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
313 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
884 KB
9 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 71029
d.tailtarget.com — Cisco Umbrella Rank: 77929
tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227
b.t.tailtarget.com — Cisco Umbrella Rank: 60259
cm.t.tailtarget.com — Cisco Umbrella Rank: 17921
t.tailtarget.com — Cisco Umbrella Rank: 15832
38 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
4 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
65 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
3 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6765
778 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
8 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
pm-widget.taboola.com — Cisco Umbrella Rank: 3686
257 KB
3 nsmedia-advertising.com
info.nsmedia-advertising.com — Cisco Umbrella Rank: 371862
c.nsmedia-advertising.com — Cisco Umbrella Rank: 337302
2 KB
3 vsrv.media
ad.vsrv.media
31 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
192 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
672 B
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 27971
ui.cleverwebserver.com — Cisco Umbrella Rank: 28712
call.cleverwebserver.com — Cisco Umbrella Rank: 29496
48 KB
3 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 117582
73 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 trickyrock.com
b1.trickyrock.com — Cisco Umbrella Rank: 161353
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
26 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
647 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 myth.dev
tracker.myth.dev — Cisco Umbrella Rank: 721254
2 KB
1 bwin.de
www.bwin.de
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
543 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
464 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 nsn-server.xyz
scripts.nsn-server.xyz — Cisco Umbrella Rank: 290008
160 KB
0 loopme.me Failed
csync.loopme.me Failed
207 38
Domain Requested by
42 portaldosaopaulino.com.br 2 redirects portaldosaopaulino.com.br
cdn.pn.vg
23 s0.2mdn.net portaldosaopaulino.com.br
s0.2mdn.net
14 pagead2.googlesyndication.com portaldosaopaulino.com.br
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
13 tpc.googlesyndication.com portaldosaopaulino.com.br
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 www.googletagmanager.com portaldosaopaulino.com.br
www.googletagmanager.com
tags.t.tailtarget.com
11 cm.g.doubleclick.net 5 redirects 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
googleads.g.doubleclick.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googletagmanager.com
portaldosaopaulino.com.br
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
7 securepubads.g.doubleclick.net portaldosaopaulino.com.br
securepubads.g.doubleclick.net
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
www.googletagservices.com
5 www.google.com 1 redirects portaldosaopaulino.com.br
tpc.googlesyndication.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.de portaldosaopaulino.com.br
4 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ad.vsrv.media 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
ad.vsrv.media
3 www.gstatic.com portaldosaopaulino.com.br
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
3 www.googletagservices.com portaldosaopaulino.com.br
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
3 cdn.pn.vg portaldosaopaulino.com.br
cdn.pn.vg
3 fonts.googleapis.com portaldosaopaulino.com.br
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
2 b1.trickyrock.com 1 redirects c.nsmedia-advertising.com
2 c.nsmedia-advertising.com scripts.nsn-server.xyz
2 cdnjs.cloudflare.com s0.2mdn.net
2 ad.doubleclick.net portaldosaopaulino.com.br
2 ap.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 d5p.de17a.com 2 redirects
2 b.t.tailtarget.com d.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com portaldosaopaulino.com.br
d.tailtarget.com
2 d.tailtarget.com portaldosaopaulino.com.br
d.tailtarget.com
2 oajs.openx.net 1 redirects portaldosaopaulino.com.br
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 fonts.gstatic.com fonts.googleapis.com
2 sb.scorecardresearch.com portaldosaopaulino.com.br
2 cdn.taboola.com portaldosaopaulino.com.br
cdn.taboola.com
2 tracker.myth.dev portaldosaopaulino.com.br
tracker.myth.dev
1 www.bwin.de c.nsmedia-advertising.com
1 info.nsmedia-advertising.com scripts.nsn-server.xyz
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
1 r.turn.com 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 t.tailtarget.com portaldosaopaulino.com.br
1 cm.t.tailtarget.com portaldosaopaulino.com.br
1 www.facebook.com portaldosaopaulino.com.br
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com portaldosaopaulino.com.br
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 call.cleverwebserver.com portaldosaopaulino.com.br
1 ui.cleverwebserver.com portaldosaopaulino.com.br
1 tags.t.tailtarget.com portaldosaopaulino.com.br
1 scripts.cleverwebserver.com portaldosaopaulino.com.br
1 scripts.nsn-server.xyz portaldosaopaulino.com.br
0 csync.loopme.me Failed 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
207 61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
wecel.com.br
instagram.com
youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-26 -
2024-03-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
myth.dev
E1
2023-11-01 -
2024-01-30
3 months crt.sh
pn.vg
GTS CA 1P5
2023-10-25 -
2024-01-23
3 months crt.sh
scripts.nsn-server.xyz
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3
2023-08-06 -
2024-08-04
a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-09
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
ad.vsrv.media
R3
2023-11-17 -
2024-02-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-18 -
2023-12-17
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
nsmedia-advertising.com
GTS CA 1P5
2023-11-17 -
2024-02-15
3 months crt.sh
affiliates.kindredplc.com
Trustwave Organization Validation SHA256 CA, Level 1
2023-08-17 -
2024-08-16
a year crt.sh
*.bwin.de
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-27
a year crt.sh

This page contains 23 frames:

Primary Page: https://portaldosaopaulino.com.br/
Frame ID: 275458038C16D4CAE70D2428C8D7BC00
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 69106E7B06BC241946C3A237CCB32AD2
Requests: 1 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D06014EBD753ABD1F6E091EE924DF26
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldosaopaulino.com.br
Frame ID: 9B8A0C17DF8C02CD08F1F31BAF1B4558
Requests: 2 HTTP requests in this frame

Frame: https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 98BC7949209CC4414D5F623DF8C2626C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1702156458&plaf=2%3A2%2C7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702156457733&bpp=3&bdt=504&idt=439&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2540047951256&frm=20&pv=2&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079866%2C31079979%2C44795922%2C95320378%2C95320885&oid=2&pvsid=1321651908090885&tmod=66995599&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=453
Frame ID: D3BB1A5661F6D3C85E03E318C833338A
Requests: 1 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A468CE19FCF544481006389DFE42A71E
Requests: 5 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97F4A7297734D0E7610B34AF0BDD990A
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8D247417019680CF76381531F3132075
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 653D5B538A809A51185B36D0C6CFCD50
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 454E93A77C0D239AF975EE3733A84924
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 8C625E732031FFBE72797EEFAC26CD78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCC539EB1E16764CB0FD95F9A9AC8807
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66B47B8094E39F1103413CB90DB604AE
Requests: 2 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BE4025D16FDCC8554649E615A0FE127
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Frame ID: 483B17C19C4491A9E791DE59C8866AF7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08A889E04129C57F44BAD7F269F72A77
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 901CCD6E6F0E77F72D906C7262174F8A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Frame ID: 3AE5FC7E10B2DB5DAFC249E2441B8513
Requests: 24 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Frame ID: 72FB1C4125DA74FB9BEBEAB1D128E959
Requests: 1 HTTP requests in this frame

Frame: https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
Frame ID: 8CB32F2C9DEBFBFCB5E3925EA765534F
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Frame ID: EA3EB11C3587FC0ABB791E04B1A32887
Requests: 1 HTTP requests in this frame

Frame: https://www.bwin.de/en/mobileportal/contact?wm=5322937
Frame ID: D9C5349CE829E66A8A52A10D6998AE83
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Notícias do São Paulo FC - Portal do São Paulino

Page URL History Show full URLs

  1. http://portaldosaopaulino.com.br/ HTTP 301
    https://portaldosaopaulino.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

92 %
HTTPS

58 %
IPv6

38
Domains

61
Subdomains

47
IPs

8
Countries

3561 kB
Transfer

10596 kB
Size

49
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portaldosaopaulino.com.br/ HTTP 301
    https://portaldosaopaulino.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldosaopaulino.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldosaopaulino.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2
Request Chain 93
  • https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Request Chain 125
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
Request Chain 161
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1&google_push=AXcoOmRugqwzXiFZ4qGmp3AGlEYIQaPfFIi2WjEAch0e6HKGrl5K5P2abhjzQfaHt6oxAi-GTZmy2PtXikNNZyClja8e-WyGpodi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2NDU5NDA5MjI4MDA2NzMyMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
Request Chain 163
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_cver=1&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N
Request Chain 164
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0- HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-
Request Chain 165
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_cver=1&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu
Request Chain 166
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Request Chain 172
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTYq71vMBKpFQXweyzHvQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKxFZf_ixol_dJe9jqF1P0o&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D
Request Chain 207
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664 HTTP 307
  • https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF

207 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
portaldosaopaulino.com.br/
Redirect Chain
  • http://portaldosaopaulino.com.br/
  • https://portaldosaopaulino.com.br/
187 KB
49 KB
Document
General
Full URL
https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.13
Resource Hash
b4d5da27286eef36cb0d5f0ff2e509d72d82151e11fe3d08d8c0aba039fdc9f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
833041bebf179be6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 21:14:17 GMT
link
<https://portaldosaopaulino.com.br/wp-json/>; rel="https://api.w.org/" <https://portaldosaopaulino.com.br/wp-json/wp/v2/pages/86>; rel="alternate"; type="application/json" <https://portaldosaopaulino.com.br/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ouj6RGy9x2C5ileGEg5udyw23uWD8bJFkRrm2PNdUlaCxtKKjZZ4xmEtU6G5U%2B5FeDPJYYjN6OHou97Ws9tW2ZSjB6RGY07F7CYcYZvNlq31HKjG0BYEkIuzR0afY%2Ftm5AmLHVowNJWHu8fHBRycJHxPTEPSQU2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
x-powered-by
PHP/8.1.13
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
833041bc6b471688-SJC
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 21:14:16 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zw6ZgBj3P%2Fx2YY5SepZdfkmJuzLQ1e63bNNn4io9IgBO8A6lOa%2Bjh7r8yX88DG%2Bgf0mYrHxP8V3J%2F09pRBhyzO87j5nXo6zj0k9uTbui2JP1b4AQrfoxE5cbIb1fWWq%2FQyAbVW9dDtu3037XvVkztRACsNEhZgKX"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
https://portaldosaopaulino.com.br/
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-powered-by
PHP/8.1.13
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
f4f15d9507bddaeb030d366a2b62fff4.css
portaldosaopaulino.com.br/wp-content/litespeed/css/
1 MB
169 KB
Stylesheet
General
Full URL
https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b855f317639f2d0b5d010f65280c401552e039e67bff9afc2dbb06dd89e648c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36966
cf-polished
origSize=1388115
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 21 Nov 2023 19:37:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCV2CRlwIFSJhJ8el9ryQ1IcyBA9opQhg3lBGNU2S9YjteAqm3TL6YW%2BAikX1SsdCXMRQBxs16cthXuG7k4Tjyl6Ifw3n64TDcOo8gg%2B%2BlN7ZExHAUhVfVehkV4GjSWHbP8xwGVRUoIxOi3OT90dC5rtT8srdoFo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
833041c1ba8b9be6-FRA
expires
Sun, 08 Dec 2024 16:58:11 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:14:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 21:14:17 GMT
jquery.min.js
portaldosaopaulino.com.br/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://portaldosaopaulino.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 May 2023 14:52:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
86982
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F8LctYTaqpoPKNGd6kme1hewOqHzyDSFXodvZaSgPa%2BbJ12SqQxVgQlOGgMeUeULX0b0VshWRIAGOLUwazI0NTyllgtJkEW9pw6p74pxdnJa76008OzLS7OJstg4AlYpGLscEdtXpOmuBbGXNf%2BRi1bZ3q6LIqn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
833041c1ba8d9be6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 08 Dec 2024 03:04:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d847ca8605f476557753ed7da645a0481d984f7dacbfe2116957be3444c6fe7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29304
x-xss-protection
0
server
cafe
etag
246 / 19700 / 31079992 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:17 GMT
worker.js
tracker.myth.dev/js/
1 KB
1 KB
Script
General
Full URL
https://tracker.myth.dev/js/worker.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 09 Dec 2023 06:44:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFYRxKVVqgOtGY2%2BWzAZxMhhtpYSRK%2FIjlgFn3dZmQqDXSBjsb49Km4%2FJ21KEUhSMnGhwNtUW%2B9jKB6A%2FVttORgDnpG%2B6iFrWSQkIC8gL7oie2i2%2B31ZC8oIl7rQ%2BKpI%2BtDAtN7Wq%2BIzw7j6h9ha"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
833041c32e8118c1-FRA
c21ce561-8fdd-41cf-bfb3-40626a5688cb.js
cdn.pn.vg/sites/
2 KB
2 KB
Script
General
Full URL
https://cdn.pn.vg/sites/c21ce561-8fdd-41cf-bfb3-40626a5688cb.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d071bd5b78fd862b103e59b78c4f1d4a921434a564af2bc480df5a8773f1c26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
via
1.1 9158fa1ac72d0c0684fe558c8655aeda.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS58-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 04 Dec 2023 18:58:37 GMT
server
cloudflare
etag
W/"62c98edc20545f2f5e5d396b9c860fed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6K4IDLFl%2Fs5%2FgU8aPOp335ACcg%2Fav5GU1Y6EV7HCE9qiblss7ogo2hbkyeKaV%2Ftdd%2BoT5%2FkNWXnhwGhUi3xixX4eGAhQNkT2VI0rYPVUIpTT0tUbVzxgPdIV4h7TFtDG0ANHiDuJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
833041c3384d5c80-FRA
x-amz-cf-id
qjEQGgEkNr3WS4Rq8rLwVEZuuLfU1qZERbS8FKYeL2E3ukne-hxPaw==
65f4819358a0350613fc487595debb5e.js
scripts.nsn-server.xyz/js/
446 KB
160 KB
Script
General
Full URL
https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9600:1:825a:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6f5edf2e64374522e12e4ffbf608e7cd3fb5ff6b120a8600064173d77404e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:51:49 GMT
content-encoding
gzip
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 11:29:09 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
51749
x-amz-server-side-encryption
AES256
etag
W/"979a39574634933da690da037622d1cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
19-znyo5VhsHzVLlEPyAiClGlKKDqtW10-lwNRUBOP2Qc-FsXNgeQQ==
js
www.googletagmanager.com/gtag/
187 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192628768-11
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef184f43e8b7d8995df8350c563f99de9410fa928b78664f1c5e9b972cc087e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69137
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
js
www.googletagmanager.com/gtag/
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
457d70a382f9be1b2020b363874e10a2f0f4798ea640f2b92a9e898404059580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51590
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1875d9d8f466d3ea4d82ca11837c3d4e8635438162fa3d52629e09d79501989b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52370
x-xss-protection
0
server
cafe
etag
3463467874495317995
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:17 GMT
gtm.js
www.googletagmanager.com/
168 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN82V75
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
442353adce06fc2def880e6f81fa675e08086cdcacd1a4a0352c5ae1159b0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
62127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
ce475bcd225647dd4c1cc16a4f5cba5e.js
portaldosaopaulino.com.br/wp-content/litespeed/js/
279 KB
83 KB
Script
General
Full URL
https://portaldosaopaulino.com.br/wp-content/litespeed/js/ce475bcd225647dd4c1cc16a4f5cba5e.js?ver=a207b
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0140705704ef7b1087b2b70920e357f60bfcc1c20232371bd746079fc34a0192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 21 Nov 2023 19:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhTMTHEiolggsWt1YsrFawteAhnf3l%2FN6ZvRDTf4xZQ6MgEhz8KuwYnKlvgCbYfoCPURg1DhQINBEoYu31m68pzPVfTTnUbOhR4ZzrGxn4hkuFeSanC6oxBv5oY%2FytnTCHChZUEQB%2FB1iltSuNNsBwug9gwtoObV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
833041c25f7a1903-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 09 Dec 2024 03:14:17 GMT
d6172d2d110646a4384c44faea26b6eb.js
scripts.cleverwebserver.com/
129 KB
47 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/d6172d2d110646a4384c44faea26b6eb.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d0cfb7980bf2625e1d0ea022cfe8608a962bf2554d80438563b68780fc62a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
x-amz-version-id
3Xidbwiow1tqDDQHBw1fUwlIgJE0NNtL
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 22 Nov 2023 14:11:32 GMT
server
cloudflare
x-amz-request-id
RCZ1XVEQDWATAS1B
etag
W/"a08e047bdaee4ec9f331cfdf51dbe6c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
833041c32cea9235-FRA
x-amz-id-2
7cfPd2VIDPoOexG9vEyYXEQT1IZpiTsZTfBOCO5Yzct+hWzkLMbCmGiY1CRckgWUvsZ6fCxtU+Y=
expires
Sat, 09 Dec 2023 21:44:17 GMT
t3m.js
tags.t.tailtarget.com/
73 KB
21 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:45:35 GMT
content-encoding
gzip
via
1.1 google
age
5322
x-guploader-uploadid
ABPtcPpREMvUNV6PbU2wpTiZdWPkcCx-Mf0VvVxmI-a9jVBa0GS4h3JQrPB_iYXBzQ7JocxsdX4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21234
last-modified
Wed, 13 Sep 2023 13:22:21 GMT
server
nginx/1.8.1
etag
"13721cc7c233ffe3299c16c1f82c8394"
vary
Accept-Encoding
x-goog-generation
1694611341874847
x-goog-hash
md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
21234
accept-ranges
bytes
expires
Sat, 09 Dec 2023 21:45:35 GMT
loader.js
cdn.taboola.com/libtrc/portaldocolorado-network/
534 KB
57 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c89c9b6861af5a4742d34dd42ae346eec1548fc87291e681a58dc89bc4cd7ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vWw8uUnry.FmbgtHBUERGeqzliu3jigv
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id
FHJN22S55ZGEAYN9
age
54
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
57924
x-amz-id-2
jL3BRnEQJJtSwILuQ+55eU24KBFNqYOcZs1mnagRGqvjXU8yuyl0J9JebnpHsM2QbJtuy0NJsgQ=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 07 Dec 2023 13:17:58 GMT
server
AmazonS3
x-timer
S1702156458.505406,VS0,VE1
etag
"f019b9f385e45c9c4e0d84d128bdd565"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-81.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:13:04 GMT
content-encoding
gzip
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
32473
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TCsnUGnIj9W45FXxCr0nHwYj26HICG1JSJuh0BWgeYEs25r0Jd3M6w==
truncated
/
165 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ad70e9fc5042aff04b7e3525872f856c39f5ea2044289fe97fad73943d7645b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
165 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f8faf0b90a2595f55ae63b5b56315684c5d6dd1b42c1414b4f0970e7c6a3d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Justica-1-e1702044174297-719x430.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
45 KB
45 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Justica-1-e1702044174297-719x430.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00376f9f7470c6e32e5820d3c1d9fb6d447be4be7394326e1c2d4f2ebfd94de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 14:02:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nuYziSsD5HgOpaKzxxosOKsQwNXq5CO0gZF%2Fu3UVy6gCc1uKasfnn9HRbzySPzaOFTOrVIlL7nrJareO0Omyq9cU76idBaljlnjzFOjBh3oFmLYG6R9f13LNOSfA0beSoXWKM5sJ5qbEj0tZeXhB35F6IKknLyN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308491903-FRA
alt-svc
h3=":443"; ma=86400
content-length
45864
expires
Mon, 09 Dec 2024 03:14:17 GMT
DORIVAL-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/09/
12 KB
13 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/09/DORIVAL-279x220.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a703ddf118c196b2ee6570b2588e7a28602e5b91004d0a681237a417f2904453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Sep 2023 22:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2%2ByXfs%2Fn9eM4SXgOofmMYW2dAtTlUeouAe8Dxqu9h78QDLMV1UlxT43ikatJRNvkDEWN1yFfsfUu1eS6gtcV6hAMSlNvvxPugFmJWW299qjpjrzwjv9yQVq3GA0SU8oOapvgdYyLT0xaQ7q2NXig%2B5E3DETVUa0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3084e1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
12385
expires
Mon, 09 Dec 2024 03:14:17 GMT
Silvio-Santos-2-279x220.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/03/
10 KB
11 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Silvio-Santos-2-279x220.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5076e41fbbf7586f03442f95f43c631be8c11d3890b857451f760d23570fcd02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Mar 2023 17:33:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDgrJo71ii9LwbgoGlDkeMoOSDj9BwGQMDCoSf9zjeukCwpLOQsB7gAfXkxbRMJIvQJ9vO%2BE6VOla7DjIygKZ2SoDEG0dm2ELETg1RWItxt7jjqNHwPDWGXqDDMDb2r7XI2cgyEk38a0bajOceaxlSJfE9%2BbjMlx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3084f1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
10538
expires
Mon, 09 Dec 2024 03:14:17 GMT
Cotia-1-SPFC-1-e1689621875233-279x220.jpeg
portaldosaopaulino.com.br/wp-content/uploads/2023/07/
13 KB
14 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/Cotia-1-SPFC-1-e1689621875233-279x220.jpeg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fd25c18303d1778941d8042740a293e075e270c80791b5a66b39382a4a44a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Jul 2023 19:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vH74m1ctiedf9ckOtQLp7JdLHYGKdZ5NXQB6CoTAheq6qBZkP0b3GzVO82wfAQj3hobjIPYoObWDVKC2rnCRCQim18L0RC9X3I4b5HOy6GvBfR7Il%2FFKbpfMCknEpX2J%2BIIu8DWi0w1D48sWVquOmOipPBYFrT9V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308531903-FRA
alt-svc
h3=":443"; ma=86400
content-length
13564
expires
Mon, 09 Dec 2024 03:14:17 GMT
Nilmar-Selecao-e1701702853567-279x220.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
12 KB
12 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Nilmar-Selecao-e1701702853567-279x220.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b5a736297a719f1347180cc01a19ec31bec168c813b732d13567b0bff9f016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Dec 2023 15:14:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQbE3%2FDuflsUyq047Ikeslwou%2FvtIKXNct4KMPiqaH29OmDfZVGCJ8gLzKVkoDsDGmOybq2q1zDy2MN7I%2FkcQd56lydXTzf5EKdNldIhtq5%2B09ram2vVzaD3eQzYndXR9X0SGNV%2FtM7AZpxM5wNKLQOihppS7ERe"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308551903-FRA
alt-svc
h3=":443"; ma=86400
content-length
12056
expires
Mon, 09 Dec 2024 03:14:17 GMT
Key-Alves-1-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
15 KB
15 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Key-Alves-1-279x220.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43711d6e4fd52cb1034e62fa99feb977a00ce1d641e31cc3de44fa283a299dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Dec 2023 18:23:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF%2FBzN1tmmsInZt5a23CZVBeF8sw9AorA8U8rOhodf3fm%2B3wY260yWIzUtJqzNpgX%2FcK0Xq9GcRm9Af4bGk9xe2tGzeSmc1DCokek24WtGFzEvxl3%2F30jgyLZzuoMT2q%2FdIzEbgn4MdLdo53Se1BIDrTNi5G%2Bn0I"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308581903-FRA
alt-svc
h3=":443"; ma=86400
content-length
15090
expires
Mon, 09 Dec 2024 03:14:17 GMT
Sao-Paulo-Luan-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/11/
15 KB
16 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Sao-Paulo-Luan-279x220.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d322d4493ee546f9d38daa49bdeeeedc86784f6dea388373788ac575009f92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 23:21:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2uv4PrRLD%2BKfaC4Droe2fsWLNtdJMaqdirxW2pOnq8UN6JbZdk65Gf81WRnyU9l37L5ndziL7AeLIFYasYbhqP26ILhNLlBIevJbymD65kHXLFXZQt7%2Fq3er%2Bo8f3ibLb2kpxpD9wUKHwuzwHlPS4%2B4NyQuaHY%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3085c1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
15473
expires
Mon, 09 Dec 2024 03:14:17 GMT
Dorival-Jr-James-Rodriguez-Sao-Paulo-e1695131046396-368x445.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/09/
25 KB
25 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/09/Dorival-Jr-James-Rodriguez-Sao-Paulo-e1695131046396-368x445.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598398fff29a70bdbfb62959033dc299369868e867eecf11938e3d7b5b2142d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Sep 2023 13:44:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ij6CeKh8xpcIZ1hWvl6slPY0mOo9U6VoMd4uP9whVcCTjrUIjKjEFJnxKpsvenEkv9WLaTJYueE4bEDQv87%2Bwmedi09%2By55%2F6DjU%2BGaKxs%2BvPJLRZI7bYxGWTLPVyoi4XBHmuuIcZtB%2BdTc0ACJNQBPAS10IYVJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3085e1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
25116
expires
Mon, 09 Dec 2024 03:14:17 GMT
Dorival-Jr.-Sao-Paulo-treino-e1701101134273-368x445.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/11/
29 KB
29 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Dorival-Jr.-Sao-Paulo-treino-e1701101134273-368x445.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe1b8b2a83e8c80262f4ba8cc9ad20741e7bb2f775f359f94b4e25bfeb8a543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Nov 2023 16:05:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0LgvVjsPsvymfFH6pYSoyBuzzehQTWEKb7Cnfm3XEgMRwamrKLLogT140x3zbANS%2BhX2AejIrNejgVY%2FlmjNC85VLBVXLFIwpZBdphxSZCmhRC8UXqfIQjKF070pd8xAvRFoAnHGvt3%2Bj97gv87nwhpWknW39dI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308601903-FRA
alt-svc
h3=":443"; ma=86400
content-length
29196
expires
Mon, 09 Dec 2024 03:14:17 GMT
Dorival-Gabriel-Barbosa-1-368x445.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
25 KB
26 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Dorival-Gabriel-Barbosa-1-368x445.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb2908641f6b227f1915c39a42b8c69b17bd2c1a18cdd863314250891c1a407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Dec 2023 17:59:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma3hUs%2BFwVwku%2FhV1k58uXoufPM7fmfUq98UStU5ZW0BUJTiDmFzcxaSwXRUGdMgZhdwhzCrsmc7zDCe5VzwEbfCOGhFOj4hP195B1Wa1fffLa8Nv54eMmAAIcorZUj4JPdCzCX%2BFSnwwxgiVEv9GTda3RRFJAkw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308641903-FRA
alt-svc
h3=":443"; ma=86400
content-length
25800
expires
Mon, 09 Dec 2024 03:14:17 GMT
AnyConv.com__Diretoria-e1690828686957-368x445.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/06/
26 KB
27 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/AnyConv.com__Diretoria-e1690828686957-368x445.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06481698327594a18a0c0effb351ab478f377f5778a1c166a59cc9aa475c1aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 31 Jul 2023 18:38:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOdCECaJpM70Z9PJjZDn64APa5quVvmWZjALnAdmhmdcxElKpJqxP9%2FRzN%2FxXkXGMsVMz6ijz6xyzUaGycAqAzWIa%2BoCi%2FiytB4qEO4QpjiQIUGMD%2FvpIjiC2WbhBbUrw%2FcFk%2FuWSla2g95ghYZhQmM3mvKaw%2Bn5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308681903-FRA
alt-svc
h3=":443"; ma=86400
content-length
26882
expires
Mon, 09 Dec 2024 03:14:17 GMT
Casares-1-e1683036943227-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2022/09/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2022/09/Casares-1-e1683036943227-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49102fa7d8f3d9fe20f5ce11ea6612065754d639c624e9c7306561d797b68d4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWU4u1KkaeGVQteFXnd1elnbyP%2FjWwc7bvz6HRX0Ovrd6Vkib4F43VqY19%2F0KykRAc0UPGBGizW9jEF5AAmNfCZ%2B9Ju9nVoZ3uryQwW7FPS45C1QH6wd7vXIabdaVcUziKeFH%2Fta5J%2FS7hcPt5njpwVNoIErO8qd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308691903-FRA
alt-svc
h3=":443"; ma=86400
content-length
1552
expires
Mon, 09 Dec 2024 03:14:17 GMT
Riquelme-Boca-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Riquelme-Boca-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cfc6e8bc2353fbcd4c95185addcd6fc897d8843f6b93e7fc1e0d676e5419a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Dec 2023 13:29:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkNg854mFB6uZX1nK2603VZWzemB3Iog1pxqUYFdpGS3%2Bv1Mei4xFF%2BqPq9AhkIKrz%2FYukZb3eTiZrSjQHlMm%2BJBS6BRno1YNGJJwj5nuzBL1VoarQjfQGOxivzLtsfqRuYK1JlbMZpDU%2FBRQlgL0mykWdITlpHz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3086a1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2248
expires
Mon, 09 Dec 2024 03:14:17 GMT
Morumbi-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/08/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Morumbi-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6766482d76571f21930a2a9b8dd350199efcd255cf684a3aa7a1ff23d92836b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 14:41:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thm4vT58eW%2FGWxHRfVhQuNPcjvuZ6tnLAPeIARyZT%2FcOnHQjL4XMvHG2aw%2Fn8R3fNhcI%2FkDRvLtwMEOJUYu8qdcRWdj106CnD9eWKI3bhdFZ4iJ5MH%2BK%2FE1SC%2BSD2ipIalQa41e1U3SLP9NRrlPQsOtptfMFj1zD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3086b1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2220
expires
Mon, 09 Dec 2024 03:14:17 GMT
Maracana-Flamengo-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/08/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Maracana-Flamengo-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27238ba2620d9d7e85aa82877c1881d1c05147bb6a7970f370deaabeb5bedbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 14:48:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JopP5x5BpGn6bhcsS3sd43pOLIkPLsmLMo%2BIYviS5zLHRLcN9hOH3WjA%2F2zWulknGAP%2FXK3ZK5BpxU9m1bSM5EcEIqnv8r5pAVnzSVJDSq%2FyPzWbP7065pbsPxFeWIYkmLrWFL2NfmlII4qPl6%2BWDVssVbSuWB%2F0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3086d1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2470
expires
Mon, 09 Dec 2024 03:14:17 GMT
James-Rodriguez-contrato-e1690812802357-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/07/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/James-Rodriguez-contrato-e1690812802357-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbfce030d4bcfe922b43cc0c9e4c270a23554843d8b80b4d911d74a38c6a56d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 31 Jul 2023 14:13:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0XFtfvdPrugzOV3KB3%2BtyUd6dALiOqO%2BIv%2FV9YDBQM8AEdvJRjA7A%2FKacxb9XZm%2FbW7Ldzv9AUawzon30HcwI9qaei6WWYIybGRtbsNHXUEJ5iozK%2Bpfz1YL1h0Jt4B%2BdPK1dvoCrMSSwAV03cDnnG4p3LKo3%2B1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3086e1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2016
expires
Mon, 09 Dec 2024 03:14:17 GMT
Ferreirinha-Gremio-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Ferreirinha-Gremio-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f244253939c63351b34fb6b40bc7af1a0b8da9a8d79d8f095e34f13152a41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 22:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csh7AFAI1WPyeq7gj8yZbqo9q3Bbm2NXPh0vHt62vTxkSovd%2F%2F8%2B9t2a7PX4YRwIddNz5QRLOl5qykFjsf0LDle%2FQgD%2B1UPfFlkFVddBjV%2Bboqb9zkAO9oQBVKBlvOW%2FMcW98OUn2%2F%2Fox79THRcIvB85vPtbQw%2BH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3086f1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2384
expires
Mon, 09 Dec 2024 03:14:17 GMT
Arboleda-Sao-Paulo-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/04/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/04/Arboleda-Sao-Paulo-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb627b400414a489b1a13ff70c8983485f6c4063c4b8838aa4a0179a737009b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Apr 2023 14:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXOAMP5l%2BW3oh8CdIOVPCfChC8FFdMpnRG9cXUWdtlDUIiS0IGwx3kxCf3nVe7K37xy2gEZqsxdY9kvHRJKw0xM5tKmVhXzp1KLfg6u6JHKqljiKzOKE%2BQc9Jj8Frh38Bg6PQVd7Aq4BAP259Xw9trK%2F9fG930tj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308701903-FRA
alt-svc
h3=":443"; ma=86400
content-length
1732
expires
Mon, 09 Dec 2024 03:14:17 GMT
Diretoria-SPFC-2-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/08/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Diretoria-SPFC-2-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46a738795240f397d712472e7fcee9e1faf104cac5853ea66b00e2415f42b05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 13:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uIOMcQYCLTo78KCCbWU5v%2B6H86OJZ%2F3Mczq2Z2OmX67qRBzqUX%2Fgy9AQWXgo2kfQXJEb5o8NCsn%2BYk0TkpKhpM42wDBj2LCJdozREKDOwDQhaPU3fSj4o863dlEsvyKdKq3qL3vXknWLFEZZlNqX%2B%2B6876GzwwZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308731903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2511
expires
Mon, 09 Dec 2024 03:14:17 GMT
Hernanes-e1702071385808-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/10/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/10/Hernanes-e1702071385808-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82827501afec686ff217847bea18cf345ca8e8aa99027ebff98f37e801394b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 21:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fs0Bu8L1SYBLjUtBVzH7Jsp3tENi3ji1UacAZjTDtFwW0VQ8oM8faQJP6zWaUtaLeQ5Nq8HZcZSlPvvUwS%2BRrDdwSPOaXSMRAFyM0%2FU49HPX%2F%2Fxw%2FD4aGnygiQYh6g2BWlfTWTEL3jz8XeMgIYHWtJ5PRJWs9eW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308741903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2484
expires
Mon, 09 Dec 2024 03:14:17 GMT
Leila-Pereira-Crefisa-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/03/
11 KB
11 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Leila-Pereira-Crefisa-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aacd8572f4abdb803104c089cd42c187a52e4af8291493a7fcfdcde18cd72f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Mar 2023 19:42:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJJY%2FO8%2BOtKb5EFAlj2ZS%2B4JmpJ%2FA3EJmModhmg1lAXkyK%2BnJqDNYER6FGXqEIkuWZZFnR8HN2yCKX4lbllKw7LXuh%2FP1ek4Zq7RsVXLkScvZTb555wuiVSiQ1jzJMnrA7GPiJl810IoEcsafmt7w80rMQ7d88FL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308761903-FRA
alt-svc
h3=":443"; ma=86400
content-length
10795
expires
Mon, 09 Dec 2024 03:14:17 GMT
Sao-Paulo-FC-1-e1699993557293-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/06/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/Sao-Paulo-FC-1-e1699993557293-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5acea0998f8b7454460db5e0c845c6b34b8f5c16b9cb1a51dbda933575162407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Nov 2023 20:25:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSM%2BGHBHVm1N%2BHFVvVH06a9oCkdTOC%2BSKJ6ckDvp098IcCURPL4z3nPwIJdX1O%2B6Y3lJaE80NA9pu9V2QNwD9jW4ffWtzXLJuLMvkxVuUDGDjxs2piF1SLw%2BNBM9Wfd2GH5gZ5fUI217QVuESFbZxhPDX92thiG2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308781903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2506
expires
Mon, 09 Dec 2024 03:14:17 GMT
Lara-Silva-Faustao-1-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Lara-Silva-Faustao-1-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375086112b846e1b87e6c17841fd3c45809dadd86fdc553033ed20797147f034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 19:41:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WMqcRJKBkctEoyHJO78NcpLUZRsXMy%2BendLLDKSwSSgmSIbISd2Tkb3crTKIvkGMn3nSV9gJcVjVDHWMX5unA5VgCE1geVPhA4IqI9m3ReRWyaTeiRaFbIoEht3sxeRTjfWAIvciihkvndXdM4OznDoiYx4tgA3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3087b1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2062
expires
Mon, 09 Dec 2024 03:14:17 GMT
Barbara-Berlusconi-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Barbara-Berlusconi-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d5f0c0f3c7704b63d9e5d676e736069539324697fe77193dcdbe21dab2323f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 19:23:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IETpERCDWKm4R0JJl6FnIh0j4taKmC3QsmKfGiLBATLkRZnV9SmmgprrB%2FBj8P7ddh7E3lobhu56w678Vycj3YoPCymGWGHAGLvtzikB1GPnKI0YMVp2KV1IpYlava%2FzGS3pYe9avXfnPzqYbB6EKBcXR4MPSlL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c3087f1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
1711
expires
Mon, 09 Dec 2024 03:14:17 GMT
John-Textor-Botafogo-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/08/
9 KB
10 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/John-Textor-Botafogo-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858972a01ffd5fcbf9be0e871ad665a406893d8044857d4292f351b030427f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 17:03:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xN6vFB2SngutUhvLXFsZTs%2Fprapn36vMQxQWgX90gk58wM40xNHGNn%2BXCOp57n1RGhEefyTi1gTIgeUVd2UnibKhLN2%2F%2Fxo6DOOWz63b4gFacxnHQufzwbHtlwa0KrHZA0aoRfHeXhY9%2FDuavv6kz228L7Hn7Ssx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308801903-FRA
alt-svc
h3=":443"; ma=86400
content-length
9211
expires
Mon, 09 Dec 2024 03:14:17 GMT
Sao-Paulo-Cotia-Feminino-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/11/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Sao-Paulo-Cotia-Feminino-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e351e1c8c7adb813f4ef8386d0e523a791ec719dd596a4e95d626cdb8fb447

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Nov 2023 20:12:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az036IT1CBKrZjl2RrskN0HnbScZdVGXndLuDTDhiLw7sqRRphsRWt%2BEBLXNJB3DYCCyK93UvWGIWj8YEIscj8%2Fegx6EYD%2F%2BAjURlG7BAVmriiY3I2Ec1BnjsirH%2FfqvyuBh1sh1tnHVNRvbSN6pvq9Zn%2BgxKeS4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308811903-FRA
alt-svc
h3=":443"; ma=86400
content-length
1782
expires
Mon, 09 Dec 2024 03:14:17 GMT
Sao-Paulo-FC-e1689948391519-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/03/
3 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Sao-Paulo-FC-e1689948391519-86x64.jpg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3382941f638b5a2e4fd70ee0e8ad677fd62726d922b0b5c7f845fbc8e3e3245c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 21 Jul 2023 14:06:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHy3oyMhizlYLarIM3oSARMnV0uHLp0K2%2Fm6dpZ%2BbxQwty0LGzdtOE8BA6pErfDz6l2R8XpXloIcKLElYZKW5%2BWxjFOvS481R7UXlvMKfLi7z63rRhgyD61tA97JIRk1FGBuHSNgVJ0Unsvk3O0Z5VfX2arQ2w3b"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308821903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2697
expires
Mon, 09 Dec 2024 03:14:17 GMT
Pablo-Maia-Sao-Paulo-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/07/
2 KB
2 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/Pablo-Maia-Sao-Paulo-86x64.webp
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f6c5a3eea28dc6a8e6c5a94e828e0a5d6140ebd8e21642120f3ba773d6aadc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Fri, 21 Jul 2023 14:36:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZXuh30kpvqEnLBm8eFhdxwznMjT0tk9oU0REcZ%2FWEy5rxJIEwnA%2FuPZ2lWfjo0V7o%2Fvp%2FWK2bpD3x5UtCO914jl6443pb6UAoveraSDpRs9yrMXa%2FTDwCqSC4K84VGjfEdsribusZMT2YIY5SYNCN1JXzPfn8oX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308831903-FRA
alt-svc
h3=":443"; ma=86400
content-length
1850
expires
Mon, 09 Dec 2024 03:14:17 GMT
Sao-Paulo-FC-bandeira-e1696264945497-86x64.jpeg
portaldosaopaulino.com.br/wp-content/uploads/2023/10/
2 KB
3 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/10/Sao-Paulo-FC-bandeira-e1696264945497-86x64.jpeg
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8f1c3ceab49255a03aa2e22d5f8d92077ea155767fb4c8c3744866d9757e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
MISS
last-modified
Mon, 02 Oct 2023 16:42:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXmh8xW1d%2B6gGGRcBz5vSnG%2BVc6WzYX6CPlo6MLzKR4QxFy5H0Ar0R16URjxSgVHFPAVlDrJ%2F%2FFjQOcGHhbqp9fm5I7wX0QUIV6SaUrJ0ujtjtWdS7HcK1BPzociTv89t4PbFE9FuhSSziPKqIA0b0nbnMuBxEow"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308841903-FRA
alt-svc
h3=":443"; ma=86400
content-length
2220
expires
Mon, 09 Dec 2024 03:14:17 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:18:49 GMT
x-content-type-options
nosniff
age
50128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 07:18:49 GMT
fontawesome-webfont.woff2
portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1012093
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Thu, 29 Jul 2021 14:59:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Naw3Na8Sw0AqkIyeJ%2FcPeg8b%2BSGP9gZll4VZG0uuj2pvKIt8e0T6Hf3D3hXKRIdZnCjKVtB%2BhUKGRwt2gYUNt7yl%2FqQp4DXdnInqbV%2FvL%2BN5e2%2Fh%2BTDKzWnye8SSxzMNyYNZjogpBJjE6amB%2BNnRQYkkm14NNV5m"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308851903-FRA
expires
Wed, 27 Nov 2024 10:06:03 GMT
bs-icons.woff
portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
14 KB
14 KB
Font
General
Full URL
https://portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer
https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
782432
alt-svc
h3=":443"; ma=86400
content-length
13852
last-modified
Thu, 29 Jul 2021 14:59:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmAD3G9niAW%2FXv4ojQZN732h0Xf48u%2F2Gk6cDkuXwZ7j95%2FvK1%2FTn9U8HdpuB2xlw8vXpX8IOj%2FZZVXg0lFfT9I6tRWqZC1ud%2F%2BSeldGw2HeiNZJN5E3LdUUu0DIS1AAUpLuzkFM0Ke9n7oSFRaZEQPfzOOHoMoo"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c308871903-FRA
expires
Sat, 30 Nov 2024 01:53:45 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options
nosniff
age
91143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 19:55:14 GMT
event
tracker.myth.dev/api/
2 B
523 B
XHR
General
Full URL
https://tracker.myth.dev/api/event
Requested by
Host: tracker.myth.dev
URL: https://tracker.myth.dev/js/worker.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://portaldosaopaulino.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSdeAKaFMhuxdzV1s1M6IfWJIQcvaluseTzkcw9%2F0kZV9u1yx1LQ01wRxHDaPwByT1ZmzBqy0LAT1DPPRxGow0EGvs%2BrMOR5SNzsLa7iWrMbtrfKW%2Bq6aFhigu0HrmvPpMKmF%2F67l%2BmwvixqwKzk"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
833041c37b723648-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F59GR5xao_SQ7CxSBtDh
load.js
pm-widget.taboola.com/portaldocolorado-network/
3 KB
1 KB
Script
General
Full URL
https://pm-widget.taboola.com/portaldocolorado-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfD1JschBRuBTXTESjhXjM97e2Bmfh6U
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id
FHA315WPVWRHJMXM
age
2884
x-cache
HIT
content-length
1144
x-amz-id-2
LsJss3qLzHbiumpcr3HD+uQzY4byu6u7BT5XYya+eI5MnylEjNnw0pMk5hhjVag2TqsY8/WXq/s=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Tue, 03 Oct 2023 04:45:58 GMT
server
AmazonS3
x-timer
S1702156458.548071,VS0,VE1
etag
"ee37256a778c03e55a2eaddf126931d9"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231207-12-RELEASE.js
cdn.taboola.com/libtrc/
819 KB
170 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Mhb0FGAcBXo50kmRZY65RdfvNFTxz7i6
content-encoding
br
via
1.1 varnish
date
Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id
M0RH4PRHWQ4W06JV
age
28632
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173829
x-amz-id-2
QWQr+8BoT2NBqlzk85TzmkkELUP4ltMwWP3GRFAqAtGUDWdR2pqd+aSouwIN4FSdCAQOtFQdf4Q=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 07 Dec 2023 13:09:17 GMT
server
AmazonS3-br
x-timer
S1702156458.542324,VS0,VE0
etag
"9356e9f99a129d14bc990a23e0a86d44"
vary
Accept-Encoding
content-type
application/javascript
abp
96
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
143
ilabspush.min.js
cdn.pn.vg/push/
231 KB
62 KB
Script
General
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/c21ce561-8fdd-41cf-bfb3-40626a5688cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
via
1.1 b50b0f4274b74414c7dcdb544e6090a2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ZRH55-P1
age
6526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 07 Dec 2023 15:50:00 GMT
server
cloudflare
etag
W/"182fca27d735cd93c2d2c43afeb41bef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJxxBqeIuh7X%2BKlUlTGX%2Bzdc4u0UA6slN7ioQ3%2BOX1ACe3mfldVXP29Eyrs6evaxwrKBGlDrc%2B%2FohfUKmeD4PuX4w2UDiVdzbo%2BMRTXspvw2VjQ66y1ykSkG4prCC4CMZesSI%2FPo9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
833041c3a8c85c80-FRA
x-amz-cf-id
rV9WLeESxZScsmwB25ZmtUkohGnAJ0ZUN3zid9bE9cqzcfBhzFEMnw==
/
ui.cleverwebserver.com/
160 B
383 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2a1a06c6ecb8dedd829ef2a429287356e36d7f04afef11ad7d2b4acc7f2d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
833041c3ed8c9235-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
pmk-20220605.3.js
pm-widget.taboola.com/portaldocolorado-network/
102 KB
29 KB
Script
General
Full URL
https://pm-widget.taboola.com/portaldocolorado-network/pmk-20220605.3.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/portaldocolorado-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4

Request headers

Referer
https://portaldosaopaulino.com.br/
Origin
https://portaldosaopaulino.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
S0NybznADyjC11u403KHG9NurTw2vaPs
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id
DPMYAGHXN0YVRGY9
age
2734676
x-cache
HIT
content-length
28803
x-amz-id-2
9SlsWWpgchuoVAWJE6COBN8jSXMKLrmXAulUy/9+bLpUVVqKfho94F295H6nMqpyLwMnbcziCH0=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 03 Oct 2023 04:45:57 GMT
server
AmazonS3
x-timer
S1702156458.581734,VS0,VE1
etag
"202a4505b66371e8ab7943b4951f3b3a"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
b
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702156457563&ns_c=UTF-8&c7=https%3A%2F%2Fportaldosaopaulino.com.br%2F&c8=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&c9=
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-81.prg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
BA8BLSKp3MIP-T84p7HwWBESgraGvQwnyHnHwqm7YEAySKhYIEcv1w==
x-cache
Miss from cloudfront
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
241791
expires
60
pushnews-sw.js
portaldosaopaulino.com.br/
55 B
593 B
Fetch
General
Full URL
https://portaldosaopaulino.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde9490581308ca118c495925f3178491ec771b728b79d19bf7dd122970e3f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160252
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 16 Dec 2021 17:20:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNx8BgZmBmcbqWpWKzCnQAKoLWc33D3YAjYdLHgH50QOewL9%2FX5ZUdTQW8iyWGUqa%2BCWgPyb%2FaEYqCtJa%2BU5yQRSaXBqKPfkeXWNVBDlB%2BuDA89qgxIhIgw9v1%2FqztCW5o6oSc5Jp4Imnm%2FPaI0HDA8kh7yjCM%2BU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
833041c409801903-FRA
expires
Sat, 07 Dec 2024 06:43:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
30649
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138171
x-xss-protection
0
server
cafe
etag
7807444821274263820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 12:43:28 GMT
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/
35 KB
9 KB
Script
General
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
6356
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 May 2023 17:43:50 GMT
server
cloudflare
etag
W/"d83660b1645b3c67ae586e71ccd92e33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBLxJ%2BV%2Fio3RYuhtHvSwjDuugZ%2FwdN5SrHlPNgOKNT0%2Fm%2FShzKI6o0OUzt1iKE%2F4WjxSB9zzhsKPoiBPAUVj01xebsH4K6eJykh8SePnMQRPx3gvesFHmaOc4Eb7IWl167atRsR2mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
833041c4697e5c80-FRA
x-amz-cf-id
wu-gYTYmxrJMyDBxjdJCKEjMgQZLrjCBrf9Y38fGJ5I0BFWSbvwkGA==
/
call.cleverwebserver.com/
43 B
105 B
Image
General
Full URL
https://call.cleverwebserver.com/?id=60866&c=DE&r=HE&l=95&b=Chrome&os=Win10&mob=0&v=1.58.0&ref=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
833041c48e3a9235-FRA
content-length
43
content-type
image/gif
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/
398 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldosaopaulino.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6a507efb5925e8d9357c5249faf9f2a3651395b499330f4188eeaeadb10c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137723
x-xss-protection
0
server
cafe
etag
11344269690673176391
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:17 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 6910
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 19:15:44 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 19:15:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5GB957Y1NV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a90e8a988354563e5cf3e876e0fd4a87b5b1be243274bfe88d4ce09a0a5cf54f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89874
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
js
www.googletagmanager.com/gtag/
184 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192628768-11&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a3338750137f6be48ad45436d3017b407f5d09d0b1678651e67b1f404162384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 19:28:49 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6328
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 21:28:49 GMT
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9361cb908b83c141f3eeb290b24e144aa6fe839a7d232677a7d547135b068294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91623
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:17 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 21:14:17 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
61092
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
THU64By3ZdCXv06nWm0wGGT3ssIxrtfbaLMGnhcm2tU-BV9HFfPN4g==
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
321929
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
833041c59ab95c80-FRA
expires
Tue, 12 Dec 2023 21:14:17 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:28:48 GMT
content-encoding
gzip
age
2072729
x-guploader-uploadid
ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Nov 2024 21:28:48 GMT
ads
securepubads.g.doubleclick.net/gampad/
217 KB
59 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1321651908090885&correlator=3445557481033899&eid=31080074%2C31080078%2C31079992%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortalSaopaulino%2CPortalSaopaulino_Interstitial%2CPortalSaopaulino_Stick&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1x1%2C1x1&ifi=2&didk=3677888762~747429736&sfv=1-0-40&ists=3&fas=8%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1702156457802&lmt=1702156457&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=false&dlt=1702156457229&idt=558&adks=1812788701%2C347441239&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245d4c5c95ad5a617f2a968311d300242bacb292f0dadb6f5ffb485993ea0680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59877
x-xss-protection
0
google-lineitem-id
-1,6418277897
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138455036745
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D06
6 KB
3 KB
Document
General
Full URL
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sun, 08 Dec 2024 21:14:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/
39 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl_page_level_ads.js?cb=31079992
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:38:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
34547
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
11693141498105903443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 11:38:30 GMT
collect
www.google-analytics.com/j/
1 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1238900586&t=pageview&_s=1&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ul=en-us&de=UTF-8&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1923002367&gjid=1265499898&cid=881570728.1702156458&tid=UA-192628768-6&_gid=1249317713.1702156458&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2083018772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portaldosaopaulino.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1238900586&t=pageview&_s=1&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ul=en-us&de=UTF-8&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAACAAI~&jid=1977098846&gjid=1429735437&cid=881570728.1702156458&tid=UA-192628768-11&_gid=1249317713.1702156458&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=404277629
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portaldosaopaulino.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 9B8A
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldosaopaulino.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:17 GMT
server
Kestrel
server-processing-duration-in-ticks
258715
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
53200b160ad3560e8758632e4f2ce7023245f715606f9e19702716492e362cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-s8IK3VS+Poz1lWTilCihSy+GolQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portaldosaopaulino.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 09 Dec 2023 21:14:18 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://portaldosaopaulino.com.br
location
/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N254Q8C0NW&gtm=45je3bt0v9101611689&_p=1702156457246&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=881570728.1702156458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702156457&sct=1&seg=0&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&en=page_view&_fv=1&_ss=1&tfd=1814
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N254Q8C0NW&cid=881570728.1702156458&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N254Q8C0NW&cid=881570728.1702156458&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1314518621
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
260 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5GB957Y1NV&gtm=45je3bt0v897311171&_p=1702156457246&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=881570728.1702156458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702156457&sct=1&seg=0&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&en=page_view&_fv=1&_ss=1&tfd=1833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GB957Y1NV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/
60 B
341 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6d98f0a07e454346e88a6882d73fa1fa788869223c49aedfbb4c6e9746d95bdc

Request headers

Referer
https://portaldosaopaulino.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache
x-server
10.45.29.239
access-control-allow-credentials
true
content-length
60
expires
0
sid
mug.criteo.com/ Frame 9B8A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldosaopaulino.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldosaopaulino.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1...
454 B
671 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
861f38a3ab2d6394309ad1614094eebf62ceca1f82ea5defabe9412bc9e8a313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5755548
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
280566
content-length
0
expires
0
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 02:31:08 GMT
content-encoding
gzip
age
67390
x-guploader-uploadid
ABPtcPpKNR8g3KuNh2MtRCxAd8Akg4gFGDO94qX11vr0zbRWvGEnlZlkZHxi1nZ3aMTlgdrFnmM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Sun, 10 Dec 2023 02:31:08 GMT
js
www.googletagmanager.com/gtag/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07a195d83f3bc8ac75e54ff6cc51b79ca42f058cd55e84904f0bb6abea59120f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74595
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
js
www.googletagmanager.com/gtag/
228 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2cf5acb226ee67e0e79eab63865805cc30703d9ebe074c7c28fccb0388477b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
js
www.googletagmanager.com/gtag/
228 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b894cc7e0ff5c548f67f18361b0c500e5d5b24f6fd6cbcd83426dea0f7464498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81033
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
js
www.googletagmanager.com/gtag/
228 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01af7339b6c6b48810da8d74a1437d567f2da716b038b0ceab3d48dfed89cd31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81103
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
js
www.googletagmanager.com/gtag/
228 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0db4ed353b10355c0190bb8322472f991598c5a8911b4c527d07203a082ccaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81104
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
js
www.googletagmanager.com/gtag/
194 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32b80cfcca0f669e3de6ea1dc4ecd36c162e555d8bc4d8aa68127d8590197475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72496
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 21:14:18 GMT
main.js
portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 98BC
Redirect Chain
  • https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB
Script
General
Full URL
https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb13e7247dc55a76c4ea9451ce39b88d1f4c68502b89a211df6bd6c1cb9c6a75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xWe2Us03DvMdkQqStCwxlabDrD%2Fjc4N%2F8SNPj6f5xcrvwfQtmLI%2Fc66%2FxMeWGEBtWL80nKhYOQiPcI8g9XHKBua%2FW7Q54UBmKcCLv%2BCEgVPAF3xEMGFAnElYdB3kRLguOgPvOwUOK%2BCldgtJ%2BFliXL6Hz9izJhY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
833041c6dca81903-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 09 Dec 2023 21:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrAXwXDWYgsF4bDRvtSZJIVtxRE9mPHkdTTUtU6deUxBkLKPOJlocTPEi1mZ5M9wt%2FV4Rp%2BaLI2HAMmbHSEdzl8Zk3aBsYY5h3ZvS7vhtyWVVIUmi18dgJTYwVDgYh7S6kppw%2BWr%2BHSyOnq%2FiGJvYm0jWb8kMwqJ"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
833041c69c6f1903-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/webp
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:51:50 GMT
content-encoding
gzip
age
1348
x-guploader-uploadid
ABPtcPpA0EQFGfhPCPyNXQQ6VgSV7LAsErupAEwqXjKdw2cmU0nE2_R2I07RGDSa4Ok8schbZzI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Sun, 10 Dec 2023 20:51:50 GMT
trk
tt-9964-3.seg.t.tailtarget.com/
70 B
664 B
Image
General
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1702156458&tM=direct&tL=direct&tN=direct&tY=3&tZ=643804404
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
portal-sao-paulino.png
portaldosaopaulino.com.br/wp-content/uploads/2023/06/
12 KB
12 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/portal-sao-paulino.png
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4347e5533b31599e126475d73441932755e671a267f2784366ead6e009549b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
916484
alt-svc
h3=":443"; ma=86400
content-length
12032
last-modified
Tue, 06 Jun 2023 13:29:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rsBYfBAYcKnN5mWrIsCAs0PAh53brJiZv%2BgFmpjZlAAoDaSrzAsZTtjTQ4Yztq14ef47TxqsnAticm2%2FI6U310mbTsPONJARVwbdr4V4yda2hxbA3t2cBeKqpyZAEfkQB5gAbxfHSx8sPF9RCYFU5JPt090r3Ld"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041c6ecc81903-FRA
expires
Thu, 28 Nov 2024 12:39:34 GMT
833041bebf179be6
portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 98BC
0
578 B
XHR
General
Full URL
https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/833041bebf179be6
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpAvJJI%2FWkNxFWnKxgegliBOaCp%2BohqfscI6N1Wh0Nhw0rQx%2F1%2FFJffhlPTFhNu36xnud9S%2FxGnBFtnhJa%2BdsKYqTz5IlDcwsFWjJFkbOEdmsfU1so4HFTY9ekpPkh4JNCHCDTWCzx0PpkhPnLFjzLWUZgDIm6%2FQ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
833041c75d271903-FRA
alt-svc
h3=":443"; ma=86400
u
b.t.tailtarget.com/
54 B
328 B
Script
General
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
44289e3d47d74145ce8ee6d99a3f9a2cde77b2d8aad9b1b946ea3204a9813ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame D3BB
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1702156458&plaf=2%3A2%2C7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702156457733&bpp=3&bdt=504&idt=439&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2540047951256&frm=20&pv=2&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079866%2C31079979%2C44795922%2C95320378%2C95320885&oid=2&pvsid=1321651908090885&tmod=66995599&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=453
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldosaopaulino.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sat, 09 Dec 2023 21:14:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A468
6 KB
3 KB
Document
General
Full URL
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sun, 08 Dec 2024 21:14:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97F4
6 KB
3 KB
Document
General
Full URL
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sun, 08 Dec 2024 21:14:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 8D24
0
167 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 09 Dec 2023 21:14:18 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1702156458302&cv=11&fst=1702156458302&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ba298d87594bd173435b3d0eae2663f84f8a23db29b44be0cb8283ea25736a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1702156458324&cv=11&fst=1702156458324&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
732d165dd7ffe0d4dd2067f50de753bde0fa07bc4bfae1e6955e68f8d473e74e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1702156458339&cv=11&fst=1702156458339&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b847304c8235413dce535477bf457427ddd23a1ed26a4900c54a19fc3167d6d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame A468
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 19:26:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 21:14:18 GMT
css
fonts.googleapis.com/ Frame 653D
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 19:25:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 21:14:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
8346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:55:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 653D
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
8375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:54:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 454E
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:38:26 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
83540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:01:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 653D
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:18 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 653D
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 20:42:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame A468
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:33:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
31275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9231
x-xss-protection
0
server
cafe
etag
9385233705467680479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 12:33:03 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A468
205 B
295 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:17:49 GMT
x-content-type-options
nosniff
age
86189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 21:17:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A468
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
age
75707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 08 Dec 2024 00:12:31 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 97F4
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
74213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Dec 2024 00:37:25 GMT
1107c3ce3c87336
ad.vsrv.media/deliver/js/ Frame 97F4
3 KB
1 KB
Script
General
Full URL
https://ad.vsrv.media/deliver/js/1107c3ce3c87336
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.248.142.235.167.clients.your-server.de
Software
nginx /
Resource Hash
7be0d3eb8675438bb8cd99f6fdbdad8e429e801c4e5ec85ddcd7d25b8bc3b552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
cache-control
max-age=4107, public, s-maxage=3428
content-encoding
gzip
server
nginx
content-length
1331
content-type
text/javascript; charset=UTF-8
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 97F4
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:18 GMT
b
b.t.tailtarget.com/
114 B
564 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007FAAD87465DA0689B2022CCA10&tX=b.52&tZ=19860658
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
b80f0363c7df0f0e6cedf5532ffcbcd0157341bee5f4c208ac3c930d484f2f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.google.com/pagead/1p-user-list/801247112/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1702156458302&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNfxt5lOrFJ7pbHyWvqiJD1900_8OJdoONWR6zBH1TAOHD5Ugc&random=3887136765&rmt_tld=0&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1702156458302&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNfxt5lOrFJ7pbHyWvqiJD1900_8OJdoONWR6zBH1TAOHD5Ugc&random=3887136765&rmt_tld=1&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 454E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sat, 09 Dec 2023 21:14:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/814785950/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1702156458324&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNslpwnkVhGFrCqykYAF70UUrBVKasBWR7yCpIczsX_Z9JKn8a&random=1413010766&rmt_tld=0&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1702156458324&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNslpwnkVhGFrCqykYAF70UUrBVKasBWR7yCpIczsX_Z9JKn8a&random=1413010766&rmt_tld=1&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/AW-931232517/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1702156458339&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNsSroSnViKivWp7oXtTkImuZ30baT468Jyz2GNyVPZpsqRLDQ&random=437809828&rmt_tld=0&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1702156458339&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNsSroSnViKivWp7oXtTkImuZ30baT468Jyz2GNyVPZpsqRLDQ&random=437809828&rmt_tld=1&ipr=y
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
tt-9964-3.seg.t.tailtarget.com/
75 B
112 B
Script
General
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=366105416
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c16ffaefaa96364424fbab29ab554814481486d83cb052cb25ab3e223c5ec8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 97F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspGtTL4YkISTUxFRRoA4U8YDrFZaBEyFUouj4T7zysgpDbiJRqbHeamoeF1IfhPogjZtfr45WFtYatT1QjIEhVwvJj7EbGIsOPQq2BXyVSPdr6CFnuhDkUipoA8OCFIS_5h1bfP8zb303nOSNo9KD4L3TSEl6pvs5xILubVLjAJabS0BBGY8BK7Rivi--5OtWNrkr-lmhmoGd-T5_Jozud7igpab56MhoFzQrdZEfmGfdsHfd4aOsW1GKRMbjBDUmz0XA8UoFobEEUWC3UzAV5YsNA2u8T_D7qJcBk7h8VanWRIqrwFDoYqHaWnuP98OWLTcYNE1P6waPIJXHiXcBe4HibMf-DWTt-D2Q4hQVYrVrbBmLDG3cZVc3JfnsDaNlQNJdLnGIJ0fJdhhrMgC6zsnGC&sai=AMfl-YR37zeUwITgYazWAK9Irv7Sz7Qj8q74xf_4of-YPmWwDjwQy9UxYu6Vam2HKAFfnsG3BCqxDRkF93MSo68YWM11eYvNAHAQ9KyRFIdn8hZrsJSEuRX26ZNtWdRvdSPYImf-Uxgv00TibAKoNR1lhJOq-JbBfoY8UBcaAG0&sig=Cg0ArKJSzMIjPnQR29wtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1107c3ce3c87336
ad.vsrv.media/deliver/token/ Frame 97F4
2 KB
1 KB
Script
General
Full URL
https://ad.vsrv.media/deliver/token/1107c3ce3c87336?loc=https%3A%2F%2F602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&vid=52f5d60a-d4a2-41e7-a368-51d6ad285e46&ref=https%3A%2F%2Fportaldosaopaulino.com.br%2F
Requested by
Host: ad.vsrv.media
URL: https://ad.vsrv.media/deliver/js/1107c3ce3c87336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.248.142.235.167.clients.your-server.de
Software
nginx /
Resource Hash
a80f6001deb9fd22c4405eed0cba1da78ac7a9b97f5ba0e5fbb4cd2f9c3fa9f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate, private
content-length
925
expires
Sat, 09 Dec 2023 21:14:18 GMT
9ed6707d8a09a268742c.jpg
ad.vsrv.media/images/delivery/ Frame 97F4
28 KB
29 KB
Image
General
Full URL
https://ad.vsrv.media/images/delivery/9ed6707d8a09a268742c.jpg
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.248.142.235.167.clients.your-server.de
Software
nginx /
Resource Hash
b9ccfd2dab2f0d841ecd305a719d0d01c8fb3455ef17eeae020cefa82edef4dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
last-modified
Fri, 03 Nov 2023 13:28:50 GMT
server
nginx
accept-ranges
bytes
etag
"6544f592-71e4"
content-length
29156
content-type
image/jpeg
tr
www.facebook.com/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Dec 2023 21:14:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
70 B
363 B
Image
General
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/
43 B
289 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1702156458436_3117783974&tJ=CA15795,CA15771&tQ=r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FAAD87465DA0689B2022CCA10&tX=b.52&tY=1&tZ=639763954
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 8C62
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 15:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
20106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 15:39:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 97F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujLBPIizdTimIWJ6VWgGNwXDHQSkqrXGzmxtgRAu_4VId5WhF2Cyce9Fp4bGsq8Rs9sD7dpX0XXhrDkKz025P7MzuHLnWZ-y_kIt9OIJBhNSoAjdOPluRNXVFH16cmmsoLwbGoprCxNJywh_PGuYvfP-j7nM_91yWkbsAmb_EMJOZvwfzPhFDFECcOqAMsk3MzZc1RKRctLkJJFFUKiczEbPpddXbxD5uf9ENOhfIqb2Ud3sDhSB3U7-WxrRDbkteAQPxZbDZjHnN8OUYYMlTL527wr9RuPhRYRcEckFDVv4B00qQrAeHoBWOeU0HyTpaUJ3NnvLzIxeGFqqr5Vxov8MS1z8LL1FxsxeVOQGqF_JmmEbVZUpNwBIC8H5BtLuglcNcw66OP-djj44yHrq6yFhNGvSk&sai=AMfl-YR37ip5JqcPMPfIbMet-8EtgCwpiFDC4Ze8afLu6FhZ55QUoTLQwCezABwbDIQML15WfOiEi65zgD1BPsVsoKW6SKCe3NsdyLiWk_jM_N-y5s8mMOjghzVH7Z68tH4_IR2BXJaR9b64Q7UpR1k_NFbSrLJkbuDU3nenF2w&sig=Cg0ArKJSzJFQNf8lm8xeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 21:14:18 GMT
truncated
/ Frame 97F4
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4fecfa314eef79335f53501dfead3036bff1d9893175ed5dc85b4f7d3c7c5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bb90951d9cc3176058e0a1a190ae38507f58bc70265b5befdcf6057586bb94d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12149
x-xss-protection
0
mobile-sp.png
portaldosaopaulino.com.br/wp-content/uploads/2023/05/
8 KB
8 KB
Image
General
Full URL
https://portaldosaopaulino.com.br/wp-content/uploads/2023/05/mobile-sp.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88704bcbf6cc035484d56531cf8a26a3fd93acdf9609007abe9b3a821f9baf52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2581793
alt-svc
h3=":443"; ma=86400
content-length
8148
last-modified
Tue, 30 May 2023 17:48:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE0%2FrMuthKRifrX4wS2RR8zRB508Nky3umCMlmWm33PGERp8tpCFCej%2F6UBi9CjHvHFYlrk6k6QjfWFY0x%2BNhlekbV7zUSppwTvWJkb1jFkEqh%2BAI7EQ%2B6Ozv7ZOoXu2I9xSQGdn3PGtJCpM1j9lAP2fsAptQl4Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833041cc3aa71903-FRA
expires
Sat, 09 Nov 2024 06:04:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 21:14:19 GMT
ads
securepubads.g.doubleclick.net/gampad/
114 KB
46 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1321651908090885&correlator=1767435742695717&eid=31080074%2C31080078%2C31079992%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortalSaopaulino%2CPortalSaopaulino_Stick&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=747429736&sfv=1-0-40&rcs=1&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Dd63e4ac06d02c98b%3AT%3D1702156457%3ART%3D1702156457%3AS%3DALNI_MaasOy5sLdKd_TQbCUWc0lIHn41dA&gpic=UID%3D00000d110c8ab0b6%3AT%3D1702156457%3ART%3D1702156457%3AS%3DALNI_MYJNf3SmS_nX3FkPMEy24WqIRLxCQ&abxe=1&dt=1702156459042&lmt=1702156459&adxs=0&adys=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&vis=1&psz=1600x2162&msz=1600x-1&fws=512&ohw=0&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=true&dlt=1702156457229&idt=558&adks=347441239&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b14c4e79ddc6a520b593136eda5e2f15dae79d9fcea993d1cb8c5f4e4ec0d3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47215
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://portaldosaopaulino.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCC5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 14:16:29 GMT
expires
Sun, 08 Dec 2024 14:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 66B4
829 B
982 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b99de21e7f416e69cd26b50bc28155c8f3aa6d1d2c06b85ab6418dc03134a4bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WnKS-9e4ANr8k73Ye897RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WnKS-9e4ANr8k73Ye897RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:19 GMT
expires
Sat, 09 Dec 2023 21:14:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame BCC5
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
83540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 66B4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=1321651908090885&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame BCC5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9fgmzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 97F4
0
0

container.html
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BE4
6 KB
3 KB
Document
General
Full URL
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:18 GMT
expires
Sun, 08 Dec 2024 21:14:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 483B
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:14:19 GMT
expires
Sat, 09 Dec 2023 21:14:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6BE4
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Origin
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:46:39 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6BE4
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
7570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:08:09 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6BE4
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
8059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6BE4
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
97751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6BE4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
83541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:01:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 08A8
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6BE4
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BE4
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEeebql9Ib7_mrseF2zmltnia_gkVx50YwUMg1x4Dzu1QruVSE-hQ0rZ6Z9Ye16dx-GTe6wMyuQgyZTOfu0AHoYK7wOT5JqFa5Hc4jEBzAOm4o9tQ
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6BE4
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 21:14:19 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 08A8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1&google_push=AXcoOmRugqwzXiFZ4qGmp3AGlEYIQaPfFIi2WjEAch0e6HKGrl5K5P2abhjzQfaHt6oxAi-GTZmy2PtXikNNZyClja8e-WyGpodi
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2NDU5NDA5MjI4MDA2NzMyMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 08A8
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAW1WSgPIxYtbsaWKcURZTQ&google_cver=1&google_push=AXcoOmRLptuzu7gzWo1jVR_gzmuHVCFGpS6j-dk1kevvAhPx8ncpXKrqDWHn9m2X3s46Wq21XuXV33mgdcDy5tDChJr8kTo35dJs
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230044-FRA
pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702156460.745236,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_E...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpI...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcIeFxfBXd5luresqv34k5QlZWRuwklpV25DhI6Iyuo8osioQ6FXsDolYochqYg5hfoQ5giySgPIOzrCikeYf2Gl%2BOwEapGmgUukvtlTqvrhSX0kzMoUlAyYj8%2BFR9eV7Sr1yrjWgM7HXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu
cache-control
no-cache
cf-ray
833041d1ae804d8f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV5...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 09 Dec 2023 21:14:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
csync.loopme.me/ Frame 08A8
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 08A8
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2LXrEjG5x19bWu1Ia2w3v6W6jopP8kwJEXyvwYhfey5_8WUbdw4aN46r12i-zFJeDzppU9g
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 901C
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
62911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 03:45:48 GMT
expires
Sun, 08 Dec 2024 03:45:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6BE4
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41dec1bf4f0840b42bb5f9d1a5929c2a2c5435924c20fd5374f8d3903b9f808c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 483B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDbgKgqoIVcaz4OKZ99Hla9jYg7UvI1H%2BD3IAqPf8BiHVALtayfNjmfPlnHGnAU00tB3TRv2f4c1x43kvFVkL2dZiQwVibXKSDtjLe%2FclSlfyo2tRnIPYGWuwh9WyHn%2BQJ0C%2BMdonLxegA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833041d1b9389c07-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 483B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTYq71vMBKpFQXweyzHvQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1f%2B7hLfNvPkgUCMV2pBUWAj1%2BmoRADLdfY%2Bw6PyF4hcOCaLONRoIAimKOzmf29hXSLPUn%2FWBRBgg25q9vYQUEIHQozHUs9oNHpIsRLmI9dPZUyzBxRE2tawaSb8DUB%2F7k5tDxijZzkrQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833041d229d49c07-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 483B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKxFZf_ixol_dJe9jqF1P0o&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1
43 B
898 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid
ed7ad238-9392-4d51-8f77-8e2e42d2608d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid
a73e194a-fa9a-417a-8497-ff70a72a159d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 483B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid
68917bb1-dc1b-4629-ba4a-8372f494cb77
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D
x-proxy-origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 901C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
83540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=1321651908090885&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfONSUWhFFrRpXWDGIiF6_KQRM4uyMHl0XPbjo1_yk1DGvGdha2zl9yRP_jaf7bQX1AgAAAD5SAAAAAmgBB5kC_TDEnS14xbU1v-bGizhM722RkorV2_MWbPozvXqI2oFdX4dkiW7MFu84UE--6WvObOwXrMqFkgzBTe9xXIdH0LXuhXhUIRqFISYqdH6QHCVwokPQwGRD2sJp_E4lXmxVjs1oQHwJBaCsSzfNcrEJ7wEkfTfTFAvL115CknPOmLyXig3vMR4ps7rRHijqKNsT0emJPUoXoZyk_KeTq8tRICSTzyL9Gu8dl9a403qNCjRAlfOVusawzNUFvixaZsXaPAcarzZq_myUp9UzVBrq_jabp1bv8NwILv92hW_10ik2H9dovWb99HvEvr5qnYDkZcX9sPVsvSBPiw61yd-imw2SfUZ1ujOsJCHiqIMbJPX8duintzuUy-kNiftrAZSxGWzlp3dgk01K_JIK0UPbw4oe6g4PfTEMs9DHYJ5ng0JNNbge58eLEMk3g3QRptw7hV2s1Kgo9lDfOtQFfI3uk-Ev5vu4gc2kza8V63ThOkIrXOe13TUqQevEeWhV98yg11pESXBANI_WbqL2zgrAsTsyNhhhMUDCFO4uFRtuhNp1zfLNnOvCpmMtmrQsBKNHeY4oL3gc6zDInWgxdllgpGX2y3lgD1wIiznV0lSsyEtsF5Ql0lNgvgs1qnMqFeEZ08mAyILoM994acShaG0O2uNbleJUDaW66nBySv8W1O-vJqCaHWsbz_A89Vxh5Ja2i2SlFpSksb3bW3Ff7bq0A6X7T28D589awrU7bSWiw-9D3Li8kblwUSO2tETYOwC1YWXDmp2jCxUwUfoNWArZhGl46l8eqxmPIte5h5GZdpxAklYcNZ62gm8K7BsB2neEeP3EShU5bvQi9wXdRMGhrLk3ULj7aotb4sr35miSOFs-RkCJxb8o2eC_mF_H8QJDdfwCN3ui2jOAHpx4-0LU0wh56UyKelT6gLWMI2X7PaFiBcIMzCHxrPVW2dREd6kRibx3d43q1tv8cisgIKUjsrP0qZ1Oa6YF5eIp9Y1EhXqbj8Q6L7T1FaY1ww2ctg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

index.html
s0.2mdn.net/sadbundle/5828888878462795776/ Frame 3AE5
86 KB
18 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87db6ed4b0c73df1c5eed4648d19e3e14e8d42b7dab754365bcd421a1e2a3fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
51067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18429
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 07:03:13 GMT
expires
Sun, 08 Dec 2024 07:03:13 GMT
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 6BE4
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssNmnUfqnGaLkNM3lFr07lpGZPshM-Nkd4Ezv3L0caYMm2Uy3tLMY43TGC_sWjxGFw2tz3qJ1oB9AtY1fw6uw2Vw-Bu7FgA6onpk1icEtxkqb5B6LltZW4oX3aQKG_mnoSrOSoyTJ7zpRwsUo0pW3F_9DRKhYgPv2OA-l7JGshfoz19GdfNNwvBYICNoxHCTGVXYLiKrb1B5SFlbxn5c2AGiwqw1zjUBSxPED_F9pe-g1rtYcxfHzD8oZYvJw3mgvpRyEHLuKiEoycb54dvdiq6h5M8-ZpHCyRFcDbt-ornlOvy7kUiysXtOhxYRjskFH-8DCM38878HKF-iq0yfMVu-kNXED-5VB-bdmr1etBaG-pc_1qH7eDN9B0ymnz8R4Y1Ii8ZafigpVal1IXzMbXSgQyLq3iOk1Kb6Dp46qURrJ_3HH_ZoTpKvjqwnn9pyosN620wsq0IYUaMXZCvh84LT5dLEmoa6ielYGoEXiLudcDOzovwzT4mZx7UUgyiX942EJ6dbiaW_lXC5MLuq7PUls57xS9w6tXVprDcikueXM5CXe3LyHB6prSPyY-aI1as5cYir60T9XHiX0NFY2y8QqiAl5sEW3if1vCNX05hR-v5Vf1s727RenjWdyYb-0qWKtQWEkPQwLG_apV34c9GyzaXZ6gbPAeVfH8NJDNCW9pyHlY0bJEjWHNXWHa7kCwgAlKXWiVIlrFZhlQt43_Jd1wFR8nD2Bcb-Yu1usAvv1vZy1FUHflf5hGxg0sWU9hJNQAER1mZEr8-gaevCNbeFRTJAd9etSme8fXCFDuSAAlC-_hx9yaiKhm__oFgnuw_9IGULTWsF1i-cs3w4WnsKqtWZ2tox5tArDyLMFZxJIYLmhSGBIJcl26-W5sLrUYzg5tJXn83-rtsQCF4KW8Bd8krG6ebhbSia407JdyoAfSijZqk7Dp675pAZLBi3aJs7HH5QiN_B_Fd6wdihf_Cfi7uFXqKQkN1tHVZHjYNF9hMcbKUYRFsm4X_GqpjKuUiTFhMfNS12dL8QWrnxV60rP38iUAdSeqiaqS5LXI347VFI3uC2dpllKPuvoERRXrocRqpLQXY8vjOjh2aEl711MHgWu0Q8bCQgwD5C8cXNL9CGNEYMPPp6DU39EG7WcnLMmyAL6G1RYiNBV1al-SZR35433zWVaKkKR-ohJerJFTQzHnKg_xzWGlWDLD9W0IetnQaH2jDUdk6hVLi8j81TofOPqmBsXjXLIOOV1OPmUnVL_PGBmyibbK-t50uB0T-dwdmOvCbnfcCQSY6IBj7N9bHlUUMxdZ-pnhuxL-2qN0MNKqjcaR1aUyP9bJNL2j79LKWxiEvO5M-J0VGqtVxG6PaEBtSW8tDXKw7CeJFxyodt5SywUM5b2EGYkpUk8iaDG3uoB26EPsTI8fNlCBbU6we5Nv7Cq8UzgVvGAhbFz0lk6AVEa09aSs_vys_cCshl8CIh_zusqdtCUe9CseI2dShoz5SerglUM-Rfbw94kqfbuEdWxi-qydKvpjs0gE9YiSD8QY2qXuBTBNWn5I-T6M&sai=AMfl-YSN7qT8YdCpWY7JzEgs4WmQGrNTwAlR6-zQIJsupIXtMkXngh76WNrbYouMo2rM3wImaazjMCzRBYtXUab9VJrXNFUL6eWOXWQFbSIAwy014f4c4PBjR-FJ9MN_HBKBCz2zAmfvclGF_dCYyCo7GPcTxsO46ns_JtLCqR7fvMskDBnRFHpzBZByqGFAVqMmkiBOO87h5FG6mKihuKtcNE0VQPmSZTPKHsTqRcRU_ykTQPumvNvRKwEUzVge6yzQqoohJtE1FLu7BIkndtaD5bLOmS8qWCaBiq4uZIDTBLfFS27ErhxRrxipGq7086kZebWpOVwwu9vrvvbhnx_G4MUSYumUEvyor5QZjMoqkdFYrss69PxqGH7wrfRpC74HLASc9FALWk5qaTUN4DHdveZqcOs4v7nD2LRCmUB6tYqC&sig=Cg0ArKJSzC_O_LvAMb0lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=238&cisv=r20231206.18334&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 901C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAfFmq9h0ZdKjBoCn1PIPvIyq0AEAAAAAOAHgBAI&bg=!Hh2lHVLNAAY3kmNgF5I7ADQBe5WfOMosbz7bgqwTBhLYbjWmfqdwX1amWyiAtTiTcAvX4R6lA1IxGnDUKvbGJjFLiPX6AgAAADRSAAAAAWgBB5kDOnuWj8fgHW3ePViQj2XFGELOUkP88Wb0KWRvbT4G5CPcT3SsXW4fJnrM79ZHqYUdxMv619ajHrMMqxm2IaRgBBa0XaOza0eUG0J4sBoqA0IAZ78yNrGzjr0o4TwmIPxtzm-E590T5jFSrVzM8I4IcBGJ8o_WbRCYADD2vfhO_kWXCBICJzQZpkhBx2XWngTqDh_DbfXGf0dPYu03dsH2EL35uIhDyotHAwAdSmAlT39UWJIU-mGX2LM3yBnTtC507Tg11LQ4WSgpM5u8GTbEfmlq4my8TUFj-KYyYGsaJNg67keYnbVvVdFG0WHtIRHpbg1crkrPUYwxN-8iU1pRT2L-HuRB5_vDoO7SjI62fckxvVq2yv4a8L5Ab6NbusyqV51lFjtfJWfRE7wTJutCczwoCgR4NqT4-5fuh5FQeP8rBTxYtW-MQqnIMvlNWhNqZGQogxQBuYQF-EVS4hKnWGsNtTuYtH5Bt0hTBmkeOhX7LcfADj23bDcEjIYlr1ja5fJonSXgz0uOQ0xo6-AgGEYtvwnAanUh-WPsM0i3oR9KCwbIpnyQjrLBVaZU47cDCmK0MfJd5CoFwiDXAsvrjSU2ifbjrHesuT3p2UY7wD-l_bds8itq9ofH8OxDFxC2EsLerPDRCevvb3ksXG3ni1vAs2eecWeeRxSKFvCu_4CKVPashHZKEPRD-aUTlLm5VaDOGS5gZMDDyWaMrEX5vDD0LTm013B2iCX4VN905tN_619yLrAFeF7NaFITGRuvMXaKdZPTWlhOVoJDkRm_SI7gflBamatAi5HfbQj92L2uMUqwmJnitTrGS8fGKZ8XT6xNVCkZSp8GCSUYHeBt2ttFU2j2EiR9YTf14QeZ79NaRet4u9rpWIYIf9pVbX4BktjKRtUVwoUneyLlvXGpclc9692--ynRyxZzFX-JFkv1IuM6RWzKeBrIG9MlB1ixC6oIed8_-XybIR_ADK5POKwiy4TupRulg3Ek-TLQBtsclUZa2Eu7h--DaQpEzlo1a9Qo1XTlhDZg84L4A_bxY3DM7PDluag_054hvHyIeQMKkBjfe0WHMgNfEupZ48bLUSyhf780boKuUaM
Requested by
Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 3AE5
70 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1012853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugUFG5AC41Ppkl4EmIUXdw3llxM1tbmwtCQ0jcF3Xby0r4Kd3MTRncHlPx4N32yryPIbd853Z45Btrup7NhtHf1NNExEFhZYBq%2FjdiYzFd5HdsWk8nueLf42kimuBkq2pTq2WGDs%2BFQ8fUBjZziG60Dp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
833041d3bdc12c45-FRA
expires
Thu, 28 Nov 2024 21:14:20 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 3AE5
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
94979
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
821
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtgET6nglzNNAx8W2%2Fac93qhGsS%2BYnXIjufm0My3LGayB2fzmuu3tHkuuVyPlBuAyNyjVzNtAPT2gbdjCHydUSPY%2F4jnZiZwi23VBct0ihtEvHx2Ve3b%2B7RaT%2F4Ysulph3y1XITtkrkwXqBevjUAV4T4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
833041d3bdc22c45-FRA
expires
Thu, 28 Nov 2024 21:14:20 GMT
13dc9848.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
669 B
429 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 16:15:55 GMT
4bc00967.jpeg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
65 KB
65 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/4bc00967.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options
nosniff
age
1901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66672
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:39 GMT
a6f611a5.jpg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
52 KB
52 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/a6f611a5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:05:25 GMT
x-content-type-options
nosniff
age
115735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53458
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 13:05:25 GMT
21a581d0.jpg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
56 KB
56 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/21a581d0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:13 GMT
x-content-type-options
nosniff
age
51067
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56976
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:13 GMT
4332eb45.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 16:05:11 GMT
f378cfc5.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51067
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:13 GMT
31152810.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
302 B
262 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:39 GMT
b8492361.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/b8492361.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options
nosniff
age
1901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2959
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:39 GMT
34c11484.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/34c11484.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:14 GMT
x-content-type-options
nosniff
age
51066
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:14 GMT
a70ed28b.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/a70ed28b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c60092cdf1bc703d733c277220a3709441129259e937cca537d7dc6261efb52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options
nosniff
age
1901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2105
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:39 GMT
891487f7.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/891487f7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45b787fc509d0753bf66efd5a3152c99844e7a35dbf756f512936d44dbf548fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:14 GMT
x-content-type-options
nosniff
age
51066
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3659
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:14 GMT
5e0da0d6.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/5e0da0d6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:30:52 GMT
x-content-type-options
nosniff
age
121408
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1579
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 11:30:52 GMT
a32ff691.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/a32ff691.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:52:01 GMT
x-content-type-options
nosniff
age
112939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3153
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 13:52:01 GMT
d3ce6798.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
820 B
499 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1639
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:47:01 GMT
1147abdf.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
769 B
430 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 10:25:50 GMT
f03f74fa.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/f03f74fa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41805a2cbfd70463ce7347d9a094b96074220cf5fc01b1e1cc6cc719b71f6680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:20:57 GMT
x-content-type-options
nosniff
age
6803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1980
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 19:20:57 GMT
3cd27a8a.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/3cd27a8a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e230e3d9b92e87927976ef7cb860f590114fe43c5268eb873f61b2ded6fc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:23:39 GMT
x-content-type-options
nosniff
age
85841
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3249
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 21:23:39 GMT
0f373144.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options
nosniff
age
1901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:39 GMT
c8840ccb.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:15 GMT
x-content-type-options
nosniff
age
51065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:15 GMT
2188a10a.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/2188a10a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47e7d2fedb68b869412ef3efdc829eda38a93489168677c93024f894c77129ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:51:20 GMT
x-content-type-options
nosniff
age
350580
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15374
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 19:51:20 GMT
78963c72.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5
33 KB
33 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5828888878462795776/images/78963c72.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e1bcb6490808c6ade52c4f2b567a1ec51d9339d58401dcc7d9199dd192113c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:03:15 GMT
x-content-type-options
nosniff
age
51065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33922
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:56:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:03:15 GMT
/
info.nsmedia-advertising.com/
156 B
603 B
Script
General
Full URL
https://info.nsmedia-advertising.com/
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fcc40affc6c9e1e881596234f396a953f4d43453eeaf0fe9a2f6755ff68fac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portaldosaopaulino.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B4wM6GUfyS%2BefbWU4erKi3jaqgzFQRntQCvHGx2%2FnRO2oN9B3LbCiNCkDcxjoyl%2FJiWNXY6Dkoz9GsMRHXeqsaiak8sy7tPDYv7CZgp2oDLNUmGMECqSu92RfYBQkZzFStJU0J6587km3FG%2B0HfBRg%2FRvlSCqIlctXS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
833041d6aad36584-SIN
alt-svc
h3=":443"; ma=86400
cf-placement
local-SIN
view
ad.doubleclick.net/pcs/ Frame 6BE4
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssNmnUfqnGaLkNM3lFr07lpGZPshM-Nkd4Ezv3L0caYMm2Uy3tLMY43TGC_sWjxGFw2tz3qJ1oB9AtY1fw6uw2Vw-Bu7FgA6onpk1icEtxkqb5B6LltZW4oX3aQKG_mnoSrOSoyTJ7zpRwsUo0pW3F_9DRKhYgPv2OA-l7JGshfoz19GdfNNwvBYICNoxHCTGVXYLiKrb1B5SFlbxn5c2AGiwqw1zjUBSxPED_F9pe-g1rtYcxfHzD8oZYvJw3mgvpRyEHLuKiEoycb54dvdiq6h5M8-ZpHCyRFcDbt-ornlOvy7kUiysXtOhxYRjskFH-8DCM38878HKF-iq0yfMVu-kNXED-5VB-bdmr1etBaG-pc_1qH7eDN9B0ymnz8R4Y1Ii8ZafigpVal1IXzMbXSgQyLq3iOk1Kb6Dp46qURrJ_3HH_ZoTpKvjqwnn9pyosN620wsq0IYUaMXZCvh84LT5dLEmoa6ielYGoEXiLudcDOzovwzT4mZx7UUgyiX942EJ6dbiaW_lXC5MLuq7PUls57xS9w6tXVprDcikueXM5CXe3LyHB6prSPyY-aI1as5cYir60T9XHiX0NFY2y8QqiAl5sEW3if1vCNX05hR-v5Vf1s727RenjWdyYb-0qWKtQWEkPQwLG_apV34c9GyzaXZ6gbPAeVfH8NJDNCW9pyHlY0bJEjWHNXWHa7kCwgAlKXWiVIlrFZhlQt43_Jd1wFR8nD2Bcb-Yu1usAvv1vZy1FUHflf5hGxg0sWU9hJNQAER1mZEr8-gaevCNbeFRTJAd9etSme8fXCFDuSAAlC-_hx9yaiKhm__oFgnuw_9IGULTWsF1i-cs3w4WnsKqtWZ2tox5tArDyLMFZxJIYLmhSGBIJcl26-W5sLrUYzg5tJXn83-rtsQCF4KW8Bd8krG6ebhbSia407JdyoAfSijZqk7Dp675pAZLBi3aJs7HH5QiN_B_Fd6wdihf_Cfi7uFXqKQkN1tHVZHjYNF9hMcbKUYRFsm4X_GqpjKuUiTFhMfNS12dL8QWrnxV60rP38iUAdSeqiaqS5LXI347VFI3uC2dpllKPuvoERRXrocRqpLQXY8vjOjh2aEl711MHgWu0Q8bCQgwD5C8cXNL9CGNEYMPPp6DU39EG7WcnLMmyAL6G1RYiNBV1al-SZR35433zWVaKkKR-ohJerJFTQzHnKg_xzWGlWDLD9W0IetnQaH2jDUdk6hVLi8j81TofOPqmBsXjXLIOOV1OPmUnVL_PGBmyibbK-t50uB0T-dwdmOvCbnfcCQSY6IBj7N9bHlUUMxdZ-pnhuxL-2qN0MNKqjcaR1aUyP9bJNL2j79LKWxiEvO5M-J0VGqtVxG6PaEBtSW8tDXKw7CeJFxyodt5SywUM5b2EGYkpUk8iaDG3uoB26EPsTI8fNlCBbU6we5Nv7Cq8UzgVvGAhbFz0lk6AVEa09aSs_vys_cCshl8CIh_zusqdtCUe9CseI2dShoz5SerglUM-Rfbw94kqfbuEdWxi-qydKvpjs0gE9YiSD8QY2qXuBTBNWn5I-T6M&sai=AMfl-YSN7qT8YdCpWY7JzEgs4WmQGrNTwAlR6-zQIJsupIXtMkXngh76WNrbYouMo2rM3wImaazjMCzRBYtXUab9VJrXNFUL6eWOXWQFbSIAwy014f4c4PBjR-FJ9MN_HBKBCz2zAmfvclGF_dCYyCo7GPcTxsO46ns_JtLCqR7fvMskDBnRFHpzBZByqGFAVqMmkiBOO87h5FG6mKihuKtcNE0VQPmSZTPKHsTqRcRU_ykTQPumvNvRKwEUzVge6yzQqoohJtE1FLu7BIkndtaD5bLOmS8qWCaBiq4uZIDTBLfFS27ErhxRrxipGq7086kZebWpOVwwu9vrvvbhnx_G4MUSYumUEvyor5QZjMoqkdFYrss69PxqGH7wrfRpC74HLASc9FALWk5qaTUN4DHdveZqcOs4v7nD2LRCmUB6tYqC&sig=Cg0ArKJSzC_O_LvAMb0lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=693&vt=11&dtpt=454&dett=3&cstd=238&cisv=r20231206.18334&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DE
c.nsmedia-advertising.com/unibet-32red/ Frame 72FB
678 B
676 B
Document
General
Full URL
https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
PsbLJgtLjoEEJxw=
cf-cache-status
DYNAMIC
cf-ray
833041d80bb36584-SIN
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 21:14:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3dGCeGtxdO1qESS0cgAYLUO%2F5%2BjIZ3I%2BcSWAcxb9Hk63bbMIt%2B%2Fn4vbISwf7lw%2B%2FvlnrzcUd8L6eN4sAZJbx1ns9T87wxYsHAuyqf%2BSWztKDfqe%2BG%2B3cF9Rjz5BagBtxrlWd8%2BgVYuoKvHnKx4W%2FztocFTpdE%2Bw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
activeview
pagead2.googlesyndication.com/pcs/ Frame 6BE4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskIhee5N4xuKVqbGcQnLOU_UQV1nLvkCiaCUqOJgD1CIoxGuifCAT8-_Ba7SodCvyJAZFDAm8iSNqnKrTFuANOLDEK_7kzVjktllz4THF9TyrGtidV8ZpELVxqTcuBz-zRxEapLbPw3lVI&sai=AMfl-YTX47YhgfRMyX2858T5LAp2L9ZBeHfngDPx4qYIuRBBtBaNI6U173fdqF9LyZ2NlK74cKRHmv_s2VfWY92BpHlhJbDdxIbnJSvn96I6ubXADs5NS7s-eMfHdIM-MiZsrxFeBoUycs8&sig=Cg0ArKJSzCIVbZRmX4-pEAE&cid=CAQSPADICaaNMIBfLJ2yL3Oh5ZkCGLV6hvXPv0_HDfTCx6IEbAq1Qqglw_xdw5bZaTIGoPkVHTriHxvnU2nnWBgB&id=lidar2&mcvt=1000&p=1110,297,1200,1302&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=347441239&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702156459572&rpt=199&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
b1.trickyrock.com/ Frame 8CB3
Redirect Chain
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664
  • https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
1 KB
1 KB
Document
General
Full URL
https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
1245
content-type
text/html
date
Sat, 09 Dec 2023 21:14:21 GMT
pragma
no-cache
x-azure-ref
20231209T211421Z-sabcpahebh5gp3eg34n3m8fs8400000003tg00000001nk7m
x-cache
CONFIG_NOCACHE

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
0
content-type
text/html
date
Sat, 09 Dec 2023 21:14:21 GMT
location
btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
20231209T211421Z-sabcpahebh5gp3eg34n3m8fs8400000003tg00000001nk73
x-cache
CONFIG_NOCACHE
DE
c.nsmedia-advertising.com/entain-bwin-de/ Frame EA3E
662 B
617 B
Document
General
Full URL
https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1

Request headers

Referer
https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
PsbLYgfGjoEEJLg=
cf-cache-status
DYNAMIC
cf-ray
833041e4cb036584-SIN
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 21:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SL2gA8s0AizaiLiKaGTau%2FvZQnYV6EQlcB7h%2BFT8aLQAfT1I%2F63Q2ZpLfW9gI%2BHakE83dwOv0jN7dZDGr3YiFGiciQshdkBIkqhEz7zfU%2BRansXtXVFr3nrUYjgVwzlrVhkfNQfYl8t36SGHkhxKd%2F84UPhJlnH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
contact
www.bwin.de/en/mobileportal/ Frame D9C5
0
0
Document
General
Full URL
https://www.bwin.de/en/mobileportal/contact?wm=5322937
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.137 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
833041e6eb0f9220-FRA
content-encoding
br
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 21:14:23 GMT
expires
Sat, 09 Dec 2023 21:14:23 GMT
server
cloudflare
server-timing
vanilla;dur=240.413
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfO-jD__9Fvh80n0ux0ltgEECnSxjj-pou5YBo1UeBbSoovpRSnwT6eANldSKSiAwvnmCmmATbHbOI7S675z--9U8a_MkD2OA7yRYcGgcJgV6Slp9aoVEClaP-F023iAJytYvl4W4NbA&sai=AMfl-YQeTHQrlOYSJUnhC96bG4nDfzY1k41nvbEROAFtjGQP_rzG1Ds&sig=Cg0ArKJSzH5VHV7sSx2GEAE&id=lidartos&mcvt=0&p=1139,436,1412,1499.5&mtos=0,0,0,0,847&tos=0,0,0,0,847&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.15&if=1&vu=1&app=0&itpl=19&adk=347441239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1702156458266&rpt=445&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB_UMKRNRJN5EhfHBDtNuB0&google_cver=1&google_push=AXcoOmQfJhqcctuQ0NghOw0jRjXM3K2ddbP5sMqkO3I78DOUD9miuiSeAsB0pHy_koExZyDPCPbOB0bPpTTTF4RJHd-p6MY5H3y27A

Verdicts & Comments Add Verdict or Comment

395 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| dataLayer undefined| $ function| jQuery object| seoAutomatedLinkBuilding object| googletag object| _taboola object| _comscore function| gtag object| bs_pagination_loc object| publisher_theme_global_loc object| publisher_theme_ajax_search_loc function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive string| ai_recaptcha_threshold string| ai_recaptcha_site_key number| ai_lazy_loading_offset string| ai_ajax_url boolean| ai_lists object| host_regexp boolean| ai_ip string| ai_data_id function| z function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| u function| y function| v function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_load_blocks function| ai_process_wait_for_interaction function| ai_process_check_recaptcha_score function| ai_process_delayed_blocks function| MobileDetect function| ai_process_lists function| ai_process_ip_addresses boolean| ai_js_code function| LazyLoad object| TTTagManager function| TTTagManagerError object| _ttq function| plausible function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _ilabsPushConfig object| IlabsPush object| CleverCore boolean| CleverCoreLoaded boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| COMSCORE object| ns_p function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image function| getFunctionFromString object| ggeac object| google_tag_data object| google_js_reporting_queue function| _0x2c80 function| _0x4a47 function| _0x1571 boolean| NSNLoader object| NSN object| PushnewsSubscription number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 function| onYouTubeIframeAPIReady object| _33across object| Better_Social_Counter boolean| pp_alreadyInitialized object| $bs_sticky_sidebars object| docCookies object| Publisher_UI object| Publisher_Theme function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| getEmPixels function| elementQuery function| OnScreen boolean| blockFotoramaData string| fotoramaVersion function| EvEmitter function| imagesLoaded function| hcSticky function| bsrj_retinajs string| n string| nq object| cmds object| _ttconversion object| ttcNamespace boolean| doresize object| scroll_pos boolean| hashtag string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GooglebQhCsO object| tbopt object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

49 Cookies

Domain/Path Name / Value
portaldosaopaulino.com.br/ Name: clever-last-tracker-60866
Value: 0
.portaldosaopaulino.com.br/ Name: _gid
Value: GA1.3.1249317713.1702156458
.portaldosaopaulino.com.br/ Name: _gat_gtag_UA_192628768_6
Value: 1
.portaldosaopaulino.com.br/ Name: _gat_gtag_UA_192628768_11
Value: 1
.portaldosaopaulino.com.br/ Name: lotame_domain_check
Value: portaldosaopaulino.com.br
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: a25af8c2-3bb3-48c8-9f6a-074a616def85
.portaldosaopaulino.com.br/ Name: _ga_N254Q8C0NW
Value: GS1.1.1702156457.1.0.1702156457.60.0.0
.portaldosaopaulino.com.br/ Name: _ga
Value: GA1.1.881570728.1702156458
.portaldosaopaulino.com.br/ Name: _ga_5GB957Y1NV
Value: GS1.1.1702156457.1.0.1702156457.0.0.0
portaldosaopaulino.com.br/ Name: tt_c_vmt
Value: 1702156458
portaldosaopaulino.com.br/ Name: tt_c_c
Value: direct
portaldosaopaulino.com.br/ Name: tt_c_s
Value: direct
portaldosaopaulino.com.br/ Name: tt_c_m
Value: direct
.openx.net/ Name: i
Value: 7a989f6d-934f-4158-8923-73c12af45850|1702156458
portaldosaopaulino.com.br/ Name: _ttuu.s
Value: 1702156458136
.portaldosaopaulino.com.br/ Name: cto_bundle
Value: v_O50F81VG93cnFUWGNXakwzZUFreGVObTk3TXdpaUZhUGROY3VSTzd6Q1lNMyUyQlYlMkZ1Y0VxV3prOGkybWNheG1pemNNTnIyS0hoemFpSDFLZVdpM0h1NWJXNnNaSiUyQnNQZ29VM0RlTWpyVVpadmZzQjZqUTViQnVZeGxGZGRyUlprRGU3akpzRmVka2dsaFViZ3RvczRoU2xsRmdqQnlEcDJpdiUyRlEwdTBGbm51UiUyRjZFJTNE
.portaldosaopaulino.com.br/ Name: cf_clearance
Value: N9JQ9neuso0wpHMBtHKcqFcua.ESo0nIyRDRPrjkM7Y-1702156458-0-1-74bde9c.e2b05bba.3224b2a5-0.2.1702156458
.portaldosaopaulino.com.br/ Name: __gads
Value: ID=d63e4ac06d02c98b:T=1702156457:RT=1702156457:S=ALNI_MaasOy5sLdKd_TQbCUWc0lIHn41dA
.portaldosaopaulino.com.br/ Name: __gpi
Value: UID=00000d110c8ab0b6:T=1702156457:RT=1702156457:S=ALNI_MYJNf3SmS_nX3FkPMEy24WqIRLxCQ
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=
.t.tailtarget.com/ Name: _ssc
Value: y
.t.tailtarget.com/ Name: u
Value: fwAAAWV02KqyiQbaEMosAgB=
.portaldosaopaulino.com.br/ Name: _gcl_au
Value: 1.1.826602102.1702156458
portaldosaopaulino.com.br/ Name: tt.u
Value: 0100007FAAD87465DA0689B2022CCA10
.doubleclick.net/ Name: IDE
Value: AHWqTUl3JpZYhczEjaXYL4xIkbnWgbn19TyHfKyS2fenXJrzLR8Em7OG5p1hTey2
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1702156458436_3117783974
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
portaldosaopaulino.com.br/ Name: tt.nprf
Value:
.ad.vsrv.media/ Name: uuid
Value: 34785f0c-b9d59ba6-6574d8aa-8809-19924f4c
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA15795,CA15771_1702156458
.doubleclick.net/ Name: DSID
Value: NO_DATA
.t.tailtarget.com/ Name: n
Value: 1702156458
.t.tailtarget.com/ Name: tp1
Value: CAESEP4lat11i7uvfCFxoj-0w7g
.t.tailtarget.com/ Name: dc
Value: 1
.quantserve.com/ Name: d
Value: EH0BCQHPKoEA
.quantserve.com/ Name: mc
Value: 6574d8ab-b2fb3-754e9-35983
.turn.com/ Name: uid
Value: 3864594092280067323
.casalemedia.com/ Name: CMID
Value: ZXTYq71vMBKpFQXweyzHvQAA
.casalemedia.com/ Name: CMPS
Value: 5249
.casalemedia.com/ Name: CMPRO
Value: 5249
.lijit.com/ Name: ljt_reader
Value: Hy06qGZH1iuN_RIVSvC2CrWu
.de17a.com/ Name: guid
Value: 1.1579082628718839116
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?jiFe*$!]tbPl1M>e)ZlrFUfJ+tGXxoeOo1Q`LyKkw>71v$[g$8+Vulm8c?3$sU[PPg3If)y3KL9D3I?+o[^`Ho
.adnxs.com/ Name: uuid2
Value: 7994836815543498385
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXTYqwAFrYsx3wAM
portaldosaopaulino.com.br/ Name: _NS_nbrePageViews
Value: 1
.trickyrock.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a74444021%2c%22BID%22%3a34664%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1702156461853)%5c%2f%22%2c%22CookieTag%22%3a%223466474444021e4%3a%3a110f%3a6%3a02b1%3a30a2C20231292114%22%7d%5d

2 Console Messages

Source Level URL
Text
network error URL: https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.bwin.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad.vsrv.media
ap.lijit.com
b.t.tailtarget.com
b1.trickyrock.com
bcp.crwdcntrl.net
c.nsmedia-advertising.com
call.cleverwebserver.com
cdn-ima.33across.com
cdn.pn.vg
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
csync.loopme.me
d.tailtarget.com
d5p.de17a.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
info.nsmedia-advertising.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pm-widget.taboola.com
portaldosaopaulino.com.br
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
scripts.nsn-server.xyz
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tpc.googlesyndication.com
tracker.myth.dev
tt-9964-3.seg.t.tailtarget.com
ui.cleverwebserver.com
www.bwin.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
csync.loopme.me
pagead2.googlesyndication.com
104.18.28.137
104.18.36.155
142.250.181.230
142.250.185.66
151.101.193.44
151.101.194.49
151.101.65.44
167.235.142.248
172.64.151.101
172.64.152.89
185.89.210.153
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.166
216.52.2.6
2600:9000:2127:9600:1:825a:8300:93a1
2606:4700:20::ac43:4637
2606:4700:3036::ac43:c9b1
2606:4700:4400::6812:2a64
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:bdf::63
2a00:1450:4001:803::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.102.185.99
34.120.135.53
34.98.64.218
35.201.123.184
52.212.5.247
65.9.66.122
65.9.95.81
00376f9f7470c6e32e5820d3c1d9fb6d447be4be7394326e1c2d4f2ebfd94de6
0140705704ef7b1087b2b70920e357f60bfcc1c20232371bd746079fc34a0192
01af7339b6c6b48810da8d74a1437d567f2da716b038b0ceab3d48dfed89cd31
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
06481698327594a18a0c0effb351ab478f377f5778a1c166a59cc9aa475c1aac
07a195d83f3bc8ac75e54ff6cc51b79ca42f058cd55e84904f0bb6abea59120f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d322d4493ee546f9d38daa49bdeeeedc86784f6dea388373788ac575009f92e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1875d9d8f466d3ea4d82ca11837c3d4e8635438162fa3d52629e09d79501989b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21
1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c60092cdf1bc703d733c277220a3709441129259e937cca537d7dc6261efb52
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
245d4c5c95ad5a617f2a968311d300242bacb292f0dadb6f5ffb485993ea0680
24f6c5a3eea28dc6a8e6c5a94e828e0a5d6140ebd8e21642120f3ba773d6aadc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f8faf0b90a2595f55ae63b5b56315684c5d6dd1b42c1414b4f0970e7c6a3d84
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
32b80cfcca0f669e3de6ea1dc4ecd36c162e555d8bc4d8aa68127d8590197475
3382941f638b5a2e4fd70ee0e8ad677fd62726d922b0b5c7f845fbc8e3e3245c
33ba298d87594bd173435b3d0eae2663f84f8a23db29b44be0cb8283ea25736a
33e351e1c8c7adb813f4ef8386d0e523a791ec719dd596a4e95d626cdb8fb447
375086112b846e1b87e6c17841fd3c45809dadd86fdc553033ed20797147f034
395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade
3fcc40affc6c9e1e881596234f396a953f4d43453eeaf0fe9a2f6755ff68fac4
40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75
41805a2cbfd70463ce7347d9a094b96074220cf5fc01b1e1cc6cc719b71f6680
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41dec1bf4f0840b42bb5f9d1a5929c2a2c5435924c20fd5374f8d3903b9f808c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43711d6e4fd52cb1034e62fa99feb977a00ce1d641e31cc3de44fa283a299dee
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
442353adce06fc2def880e6f81fa675e08086cdcacd1a4a0352c5ae1159b0290
44289e3d47d74145ce8ee6d99a3f9a2cde77b2d8aad9b1b946ea3204a9813ab2
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
457d70a382f9be1b2020b363874e10a2f0f4798ea640f2b92a9e898404059580
45b787fc509d0753bf66efd5a3152c99844e7a35dbf756f512936d44dbf548fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d0cfb7980bf2625e1d0ea022cfe8608a962bf2554d80438563b68780fc62a4
47e7d2fedb68b869412ef3efdc829eda38a93489168677c93024f894c77129ce
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
49102fa7d8f3d9fe20f5ce11ea6612065754d639c624e9c7306561d797b68d4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4e8f1c3ceab49255a03aa2e22d5f8d92077ea155767fb4c8c3744866d9757e6c
5076e41fbbf7586f03442f95f43c631be8c11d3890b857451f760d23570fcd02
52d5f0c0f3c7704b63d9e5d676e736069539324697fe77193dcdbe21dab2323f
53200b160ad3560e8758632e4f2ce7023245f715606f9e19702716492e362cd3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
598398fff29a70bdbfb62959033dc299369868e867eecf11938e3d7b5b2142d7
5acea0998f8b7454460db5e0c845c6b34b8f5c16b9cb1a51dbda933575162407
5ad70e9fc5042aff04b7e3525872f856c39f5ea2044289fe97fad73943d7645b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2a1a06c6ecb8dedd829ef2a429287356e36d7f04afef11ad7d2b4acc7f2d76
5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6766482d76571f21930a2a9b8dd350199efcd255cf684a3aa7a1ff23d92836b3
6a3338750137f6be48ad45436d3017b407f5d09d0b1678651e67b1f404162384
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb2908641f6b227f1915c39a42b8c69b17bd2c1a18cdd863314250891c1a407
6bb90951d9cc3176058e0a1a190ae38507f58bc70265b5befdcf6057586bb94d
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6d98f0a07e454346e88a6882d73fa1fa788869223c49aedfbb4c6e9746d95bdc
732d165dd7ffe0d4dd2067f50de753bde0fa07bc4bfae1e6955e68f8d473e74e
74e230e3d9b92e87927976ef7cb860f590114fe43c5268eb873f61b2ded6fc30
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
7be0d3eb8675438bb8cd99f6fdbdad8e429e801c4e5ec85ddcd7d25b8bc3b552
82827501afec686ff217847bea18cf345ca8e8aa99027ebff98f37e801394b39
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
858972a01ffd5fcbf9be0e871ad665a406893d8044857d4292f351b030427f58
85f244253939c63351b34fb6b40bc7af1a0b8da9a8d79d8f095e34f13152a41f
861f38a3ab2d6394309ad1614094eebf62ceca1f82ea5defabe9412bc9e8a313
87db6ed4b0c73df1c5eed4648d19e3e14e8d42b7dab754365bcd421a1e2a3fe8
88704bcbf6cc035484d56531cf8a26a3fd93acdf9609007abe9b3a821f9baf52
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8cbfce030d4bcfe922b43cc0c9e4c270a23554843d8b80b4d911d74a38c6a56d
8d6a507efb5925e8d9357c5249faf9f2a3651395b499330f4188eeaeadb10c6a
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
90fd25c18303d1778941d8042740a293e075e270c80791b5a66b39382a4a44a6
9361cb908b83c141f3eeb290b24e144aa6fe839a7d232677a7d547135b068294
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a4fecfa314eef79335f53501dfead3036bff1d9893175ed5dc85b4f7d3c7c5f5
a5e1bcb6490808c6ade52c4f2b567a1ec51d9339d58401dcc7d9199dd192113c
a703ddf118c196b2ee6570b2588e7a28602e5b91004d0a681237a417f2904453
a80f6001deb9fd22c4405eed0cba1da78ac7a9b97f5ba0e5fbb4cd2f9c3fa9f6
a90e8a988354563e5cf3e876e0fd4a87b5b1be243274bfe88d4ce09a0a5cf54f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aacd8572f4abdb803104c089cd42c187a52e4af8291493a7fcfdcde18cd72f14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe1b8b2a83e8c80262f4ba8cc9ad20741e7bb2f775f359f94b4e25bfeb8a543
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c4e79ddc6a520b593136eda5e2f15dae79d9fcea993d1cb8c5f4e4ec0d3f2
b27238ba2620d9d7e85aa82877c1881d1c05147bb6a7970f370deaabeb5bedbf
b2cf5acb226ee67e0e79eab63865805cc30703d9ebe074c7c28fccb0388477b9
b4d5da27286eef36cb0d5f0ff2e509d72d82151e11fe3d08d8c0aba039fdc9f6
b80f0363c7df0f0e6cedf5532ffcbcd0157341bee5f4c208ac3c930d484f2f50
b847304c8235413dce535477bf457427ddd23a1ed26a4900c54a19fc3167d6d8
b855f317639f2d0b5d010f65280c401552e039e67bff9afc2dbb06dd89e648c4
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b894cc7e0ff5c548f67f18361b0c500e5d5b24f6fd6cbcd83426dea0f7464498
b99de21e7f416e69cd26b50bc28155c8f3aa6d1d2c06b85ab6418dc03134a4bf
b9ccfd2dab2f0d841ecd305a719d0d01c8fb3455ef17eeae020cefa82edef4dc
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c
c16ffaefaa96364424fbab29ab554814481486d83cb052cb25ab3e223c5ec8af
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b
c7b5a736297a719f1347180cc01a19ec31bec168c813b732d13567b0bff9f016
c89c9b6861af5a4742d34dd42ae346eec1548fc87291e681a58dc89bc4cd7ae1
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb627b400414a489b1a13ff70c8983485f6c4063c4b8838aa4a0179a737009b9
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d071bd5b78fd862b103e59b78c4f1d4a921434a564af2bc480df5a8773f1c26e
d847ca8605f476557753ed7da645a0481d984f7dacbfe2116957be3444c6fe7f
da4347e5533b31599e126475d73441932755e671a267f2784366ead6e009549b
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dde9490581308ca118c495925f3178491ec771b728b79d19bf7dd122970e3f16
ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0db4ed353b10355c0190bb8322472f991598c5a8911b4c527d07203a082ccaf
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a738795240f397d712472e7fcee9e1faf104cac5853ea66b00e2415f42b05
e6f5edf2e64374522e12e4ffbf608e7cd3fb5ff6b120a8600064173d77404e62
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb13e7247dc55a76c4ea9451ce39b88d1f4c68502b89a211df6bd6c1cb9c6a75
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef184f43e8b7d8995df8350c563f99de9410fa928b78664f1c5e9b972cc087e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8cfc6e8bc2353fbcd4c95185addcd6fc897d8843f6b93e7fc1e0d676e5419a8